Professional Documents
Culture Documents
Maha A. Saya, Naofal Mohamad Hassin Naofal Mohamad Hassin Azeez and Rana Sabah Naser Rana Sabah Naser
Maha A. Saya, Naofal Mohamad Hassin Naofal Mohamad Hassin Azeez and Rana Sabah Naser Rana Sabah Naser
Abstract - SSH is a cryptographic network protocol for secure data communication remote command_
line login. The programmer uses it for protecting the transferred information between him and another
source. in some time, an attacker can hack it and take this information. To solve the problem, the
protocol must be more secure,, this paper aims to improve this protocol col by changing the file
configuration for it and increase the ratio of security.
I. INTRODUCTION
SSH, also known as Secure Socket Shell, is a network protocol that offers administrators with a
safe way to access a remote computer. SSH also refers to the group of utilities that implement the
protocol. Secure Shell provides authentication and secures encrypted data communications between two
computers connecting over an unsafe network such as the Internet. SSH is widely used by network
administrators for managing organizations and applications remotely, allowing them to log in to another
computer over a network, perform commands and move files from one computer to another.
The SSH first version appeared in 1995 and was designed by Tatu Ylönen, a researcher at
Helsinki University of Technology who founded SSH Communications Security. Over time various
flaws have been found in SSH-11 and it is now canceling. The current package of Secure Shell protocols
is SSH-22 and was adopted as a standard in 2006. It's not compatible with SSHSSH-11 and uses a Diffie-
Hellman key exchange and a stronger integrity check that uses message authentication codes to improve
security. SSH clients and servers can use some encryption methods, the mostly widely used being AES
and Blowfish.
As yet, there are no known weak points in SSH2, though information leaked by Edward
Snowden in 2013 suggests the National Security Agency may be able to decrypt some SSH traffic.
II. PROPOSED PLAN
In this paper , SSH is must be installed, it's important distinguishing between sshd-
sshd config. for
server and ssh-config.
config. for client , the work must be on Linux because it supports SSH. After opening
configuration file for SSH , the changing must be oon n port, banner, password , allowing and denying
users , specifying ratio of connection, and knowledge of attacker tries for accessing
III. METHODOLOGY
Ubuntu supports SSH; a programmer can know that by typing SSH in a terminal.
LogLevel INFO
and change it to this:
LogLevel VERBOSE
6th (Display a Banner):
If a programmer wants to try to scare attackers, it can be funny to display a banner containing
legalese. This doesn't give any security because anyone that's managed to break in won't care about a
"no trespassing" sign--but it might give a bad guy a chuckle.To add message as a banner that will be
displayed before authentication, find this line:
#Banner /etc/issue.net
and replace it with:
Banner /etc/issue.net
The massage is added by writing the instruction :
sudo gedit /etc/issue.net
Figure (2) illustrate the message to scare the attackers.
REFERENCES
[1] Daniel Barrett and Richard E. Silverman," SSH, the Secure Shell: The Definitive Guide", USA: O'Reilly & Associates,
2001.
[2] Nicholas Rosasco and David Larochelle, "How and Why More Secure Technologies Succeed in Legacy Markets:
Lessons from the Success of SSH".2004
[3] Stebila D. and Green J., "RFC5656 - Elliptic Curve Algorithm Integration in the Secure Shell Transport
Layer",November 2012.
[4] Miller D. and Valchev P., "The use of UMAC in the SSH Transport Layer Protocol / draft-miller-secsh-umac-00.txt",
2012.
[5] Sobell, Mark ," A Practical Guide to Linux Commands, Editors, and Shell Programming (3rd Edition)", Upper Saddle
River, NJ: Prentice Hall. pp. 702–704. ISBN 978-0133085044,2012.
[6] Damien Miller ." SSH tips, tricks & protocol". August 2002.
[7] Florian Bergsm , Benjamin Dowling, Florian Kohlar , Jorg Schwenk and Douglas Stebila ," Multi-cipher suite security
of the Secure Shell (SSH) protocol ". August 19, 2014.