Acce55ing Rem0te Systems & File P3rms

What is SSH?

SSH or Secure SHell is network protocol for secure/encrypted communications between systems

SSH is often used for remote administration of "headless" servers in a client/server model.

Understanding SSH involves understanding of many key security concepts such as: encryption, ports, sockets, shells, services, connectivity.

How does it work?

SSH is based on the concept public key cryptography where a user must own a generated public/private key pair, and requires completion of a 3 way handshake to create a secure connection between systems.

Messages are created with a private key and can only be decrypted on the receiving end if that user has the associated public key.

Likewise returned messages are created using the public key and only a user owning the private key can successfully decrypt the message.

How does it work(more)?

SSH requires a few key components to access a remote system.

  1. Generation of a public/private key pair
ssh-keygen -t rsa -b 4096 -C "some.user@somedomain.com"

2. Addition of public key to a remote systems ~/.ssh/authorized_keys file

3. Configuration of SSH service on remote systems   /etc/ssh/sshd_config file

more ssh | grep skillz

$ ssh --help

Mac/Linux Users:

# Default Connection Linux/Mac
$ ssh user@somedomain.com

# Custom Port Connection Linux/Mac
$ ssh -p 2222 someuser@192.168.1.19

# Command line Putty Usage | PATH must be set
C:\Users\MyUser putty.exe -ssh someuser@192.168.1.19

To make a connection:

Windows Users:
https://putty.org/

File Permissions (Linux)

Files and Directories, in both Windows and Linux, have similar concepts of ownership

It usually comes down to who can:

  1. Read
  2. Write
  3. Execute

In Linux these permissions are based on binary calculations

  1. Read - 4
  2. Write - 2
  3. Execute - 1

more File Permissions

To view file or directory permissions:

$ ls -la some/file/path

So who owns things?

Ownership generally comes down to 2 main categories:

  1. Users
  2. Groups(many users)

Group permissions are much easier to manage at scale than individual users, so it's best to categorize/segment your users

How to find files by properties?

Sometimes you need to search a system to find out ownership by user, group, or permissions:

The find utility allows us to search a file system for files matching certain characteristics.

# Find all files owned by user jason 
find / -user jason 

# Find all files owned by the group admins
find / -group admins

# Find a file by name
find / -name somefile.txt

# You can mix commands as well
find / -user jason -group admins

# There are many other options including:
- File Permissions
- Size of file 
- Case insensitive file match
- File Path
- ...and more

practice!

Resources:

https://www.linux.com/learn/understanding-linux-file-permissions
https://www.techrepublic.com/article/windows-101-know-the-basics-about-ntfs-permissions/​

https://www.hostinger.com/tutorials/ssh-tutorial-how-does-ssh-work
https://www.digitalocean.com/community/tutorials/understanding-the-ssh-encryption-and-connection-process​

Made with Slides.com