enhance openssh for fun and security enhance openssh for
play

Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and - PowerPoint PPT Presentation

Aug 13, 2023 •348 likes •1.07k views

Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for

  1. Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Enhance OpenSSH for Fun and Security Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe LinuxCon Europe October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015 October 5, 2015

  2. Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Match User roidelapluie Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto Julien Pivotto • Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu Sysadmin at inuits .eu • FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 FLOSS user since 2004 • DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer DevOps believer • @roidelapluie @roidelapluie @roidelapluie @roidelapluie @roidelapluie @roidelapluie @roidelapluie on irc/twitter/github @roidelapluie @roidelapluie @roidelapluie @roidelapluie @roidelapluie @roidelapluie @roidelapluie on irc/twitter/github on irc/twitter/github on irc/twitter/github on irc/twitter/github on irc/twitter/github on irc/twitter/github on irc/twitter/github on irc/twitter/github on irc/twitter/github on irc/twitter/github on irc/twitter/github on irc/twitter/github on irc/twitter/github @roidelapluie @roidelapluie @roidelapluie on irc/twitter/github on irc/twitter/github on irc/twitter/github

  3. inuits .eu

  4. World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 World, 2015 Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/80497449@N04/10012162166

  5. Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices Connected devices • M M M M M M Mainframes M M M M M M M M M M • S S S S S S S S S S S S S S S S Servers • V V V V V V V V V V V Virtual machines V V V V V • C C C C C C C C C Containers C C C C C C C • I I I I I I I I I I I I I I I I IoT

  6. Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors Entrance Doors • P P P P P P P P P P P P P P P P Physical Access • T T T T T T T T T T Telnet T T T T T T • R R R R R R RSH R R R R R R R R R R • S S S S S S S S S SSH S S S S S S S • H H H H H H H H H H HTTPS H H H H H H • … … … … … … … … … … … … … … … … …

  7. SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH • D D D D D D Dozens of implementations D D D D D D D D D D • O O O O O O O O O O O O O O O O OpenSSH • D D D D D D D D D D D Dropbear (embedded) D D D D D • C C C C C C C C C Closed-source C C C C C C C • … … … … … … … … … … … … … … … … …

  8. SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH SSH • D D D D D D D D D D D Dozens of usecases D D D D D • S S S S S S S S S S S S S Shell access and TCP Tunelling S S S • C C C C C C C C C C C C C Code (git) C C C • F F F F F F F F F F F F F F F F File transfert (sftp) • X X X X X X X X X X X X X X X X X terminal (x2go) • A A A A A A A A A A A A A A A A Automation (ansible) • … … … … … … … … … … … … … … … … …

  9. OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/pennuja/5399766800

  10. OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH OpenSSH • D D D D D D Developed by the OpenBSD project D D D D D D D D D D • R R R R R R Released first in 1995 R R R R R R R R R R • S S S S S S S S S Server/Client implementation S S S S S S S • I I I I I I I I Included in BSD, Linux, Cygwin, Mac OS X, … I I I I I I I I • A A A A A A A A A A A A A A A A Available in many other platforms

  11. Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope Out of scope • F F F F F F Firewalling, OS, … F F F F F F F F F F • B B B B B B B B Basic tips: RootLogin, Pubkeys, … B B B B B B B B • C C C C C C C C C C C C C C C C Crypto/Encryption/Key Exchanges https://stribika.github.io/2015/01/04/secure-secure- shell.html

  12. Security Security Security Security Security Security Security Security Security Security Security Security Security Security Security Security Security Licensed under a Creative Commons Asstribution-ShareAlike 2.0 License https://www.flickr.com/photos/111692634@N04/11406986014

  13. Common sense Common sense Common sense Common sense Common sense Common sense Common sense Common sense Common sense Common sense Common sense Common sense Common sense Common sense Common sense Common sense Common sense • D D D D D D D D Do you need SSH? (immutable infra, containers…) D D D D D D D D • K K K K K K K K KISS K K K K K K K K • C C C C C C C C Chose what will get public IP and then exposition.. C C C C C C C C hypervisors vs vms? • P P P P P P P P P P P P P P P P Port 22 is not Evil

  14. Server-side Server-side Server-side Server-side Server-side Server-side Server-side Server-side Server-side Server-side Server-side Server-side Server-side Server-side Server-side Server-side Server-side Licensed under a Creative Commons Attribution 2.0 License https://www.flickr.com/photos/56001405@N06/6187271613

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security Measures in OpenSSH Damien Miller djm@openbsd.org Introduction Describe the

Security Measures in OpenSSH Damien Miller djm@openbsd.org Introduction Describe the

Security Measures in OpenSSH Damien Miller djm@openbsd.org Introduction Describe the security measures in OpenSSH What they are How we implemented them How well they work Why? OpenSSH is an

359 views • 32 slides
your exercise Order of Presentations Team Topic 212 Distributed file systems 209 OpenSSH:

your exercise Order of Presentations Team Topic 212 Distributed file systems 209 OpenSSH:

The iLab Experience a blended learning hands-on course concept you set the focus Create Your Own Lab July 5, 2016 your exercise Order of Presentations Team Topic 212 Distributed file systems 209 OpenSSH: More than a remote shell 207

1.21k views • 118 slides
Advanced Usage of OpenSSH Sean Cody MUUG Presentation September 9, 2008 Tuesday, September 9,

Advanced Usage of OpenSSH Sean Cody MUUG Presentation September 9, 2008 Tuesday, September 9,

Advanced Usage of OpenSSH Sean Cody MUUG Presentation September 9, 2008 Tuesday, September 9, 2008 1 Who am I? Senior Systems Administrator for Prime Focus VFX Services (formerly Frantic Films VFX). Editor at The OpenBSD Journal

694 views • 54 slides
1.113.5 2.113.7 Set up secure shell (OpenSSH) Setup and configure basic DNS services Setup and

1.113.5 2.113.7 Set up secure shell (OpenSSH) Setup and configure basic DNS services Setup and

2 2.113.4 Properly manage the NFS, smb, and nmb daemons 2.113.5 Setup and configure basic DNS services [] 1.113.5 2.113.7 Set up secure shell (OpenSSH) Setup and configure basic DNS services Setup and Configure basic DNS services Candidate

469 views • 6 slides
End result Implementation Resources used Google maps Formsbased worksheets in both

End result Implementation Resources used Google maps Formsbased worksheets in both

4/16/2019 The teaching goal: Dept Earth, Ocean & Atmospheric Sciences Enhance student motivation Automating Creative, Peerreviewed Projects to Enhance Tactics known to enhance motivation: Motivation in a large 1 st yr course

643 views • 4 slides
To enhance and prolong human life Developing biotechnologies to enhance & prolong human life

To enhance and prolong human life Developing biotechnologies to enhance & prolong human life

To enhance and prolong human life Developing biotechnologies to enhance & prolong human life Team CORPORATE FACTS Location: Vancouver, BC (UBC spin-off) Founders: Geoffrey Hoffmann and George Hoffmann Intellectual Property: 6 Patent

770 views • 40 slides
A voluntary program aimed to enhance the security of the international supply chain The

A voluntary program aimed to enhance the security of the international supply chain The

A voluntary program aimed to enhance the security of the international supply chain The program is based on the main building blocks of the WCO SAFE Framework of Standards AEOs will benefit the facilitation in Israel's foreign trade

454 views • 16 slides
How nCipher HSMs enhance security for Red Hat OpenShift Platform www.ncipher.com Red Hat and

How nCipher HSMs enhance security for Red Hat OpenShift Platform www.ncipher.com Red Hat and

How nCipher HSMs enhance security for Red Hat OpenShift Platform www.ncipher.com Red Hat and nCipher partnership history Long standing 10+ years technology partnership Supported integrations Red Hat Enterprise Linux Certificate System

712 views • 10 slides
Enhance protection from security bugs in the Xen hypervisor Anthony PERARD Xen architecture

Enhance protection from security bugs in the Xen hypervisor Anthony PERARD Xen architecture

Enhance protection from security bugs in the Xen hypervisor Anthony PERARD Xen architecture Dom0 VMs QEMU Xen Scheduler MMU vPIC Memory CPUs I/O HW Emulation in hypervisor For performance Examples: Interrupt controller

859 views • 20 slides
Leveraging IT to Enhance Physical Security Posture: Paving the Foundation to Success July 20,

Leveraging IT to Enhance Physical Security Posture: Paving the Foundation to Success July 20,

Leveraging IT to Enhance Physical Security Posture: Paving the Foundation to Success July 20, 2016 Carla Reid, GM/CEO Tom Street, DGM-Administration Mujib U. Lodhi Harvey Baker Kenn Bengtsson Our Strategic Focus An IT Strategy

214 views • 18 slides
BRIDGING THE GAP TO ENHANCE RETIREMENT SECURITY A P R I L 2 0 2 0 JOSH COHEN NATHAN SHEETS

BRIDGING THE GAP TO ENHANCE RETIREMENT SECURITY A P R I L 2 0 2 0 JOSH COHEN NATHAN SHEETS

BRIDGING THE GAP TO ENHANCE RETIREMENT SECURITY A P R I L 2 0 2 0 JOSH COHEN NATHAN SHEETS DENNIS SIMMONS PGIM Institutional PGIM Fixed Income CIEBA Relationship Group Confidential - Not for Further Distribution. For Professional

751 views • 19 slides
Some SSH tips & tricks you may enjoy (plus, iptables) D. H. van Dok (Nikhef) 2014-05-19

Some SSH tips & tricks you may enjoy (plus, iptables) D. H. van Dok (Nikhef) 2014-05-19

Some SSH tips & tricks you may enjoy (plus, iptables) D. H. van Dok (Nikhef) 2014-05-19 getting the most (security) out of your openssh The users perspective: least amount of hassle tradeoff between anxiety, angst and

559 views • 19 slides
Groundwater rational use to enhance urban water security under global change Lead researcher:

Groundwater rational use to enhance urban water security under global change Lead researcher:

AfWA Conference, Bamako, Mali, February 2018 Governance and institutional framework session Groundwater rational use to enhance urban water security under global change Lead researcher: Dr. Stephen Foster , IAH past Pres. and , visiting Pr.,

221 views • 20 slides
Public Economic and sectoral Policies to enhance Food & Nutrition security and agriculture in

Public Economic and sectoral Policies to enhance Food & Nutrition security and agriculture in

Public Economic and sectoral Policies to enhance Food & Nutrition security and agriculture in the context of the SDGs and the Post 2015 Agenda Mariama Williams, Ph.D. South Centre Workshop, Food Security in the Post 2015 Development

451 views • 16 slides
Energy in Transition: How Green Energy Investments Enhance Energy Security Dr. Spyros Kiartzis

Energy in Transition: How Green Energy Investments Enhance Energy Security Dr. Spyros Kiartzis

Energy in Transition: How Green Energy Investments Enhance Energy Security Dr. Spyros Kiartzis Manager New Technologies & Alternative Energy Sources 11 th International Conference on Energy and Climate Change, Athens, 10 October 2018

588 views • 21 slides
Do Containers Enhance Application Level Security? Benjy Portnoy, CISA, CISSP # whoami

Do Containers Enhance Application Level Security? Benjy Portnoy, CISA, CISSP # whoami

Do Containers Enhance Application Level Security? Benjy Portnoy, CISA, CISSP # whoami BlueCoat-> Symantec Director, DevSecOps @AquaSecTeam I know, Ill use Ruby on Rails! * Thanks To Jim Brickman@gruntwork.io > gem install rails

960 views • 53 slides
Programming abstractions and analysis recursion 10101011110101 Mikko Kivel

Programming abstractions and analysis recursion 10101011110101 Mikko Kivel

01110111010110 11110101010101 00101011010011 01010111010101 01001010101010 10101010101010 Programming abstractions and analysis recursion 10101011110101 Mikko Kivel 01010101011101 01010111010110 Department of Computer Science

1.07k views • 58 slides
Baton: Certificate Agility for Android's Decentralized Signing Infrastructure David Barrera ,

Baton: Certificate Agility for Android's Decentralized Signing Infrastructure David Barrera ,

Baton: Certificate Agility for Android's Decentralized Signing Infrastructure David Barrera , Daniel McCarney, Jeremy Clark, Paul van Oorschot Carleton University, Ottawa General Problem Selective updates - Prevent files from being

273 views • 25 slides
Robustness of Interconnection Networks 3rd JLESC Summer School Atsushi Hori RIKEN AICS 16

Robustness of Interconnection Networks 3rd JLESC Summer School Atsushi Hori RIKEN AICS 16

1 Robustness of Interconnection Networks 3rd JLESC Summer School Atsushi Hori RIKEN AICS 16 6 28 Self Introduction Atsushi Hori - System Software Researcher The oldest and largest governmental research institute in

1.15k views • 62 slides
How to Create an Automated Lead Nurturing Campaign How to Create Content for Every Stage of

How to Create an Automated Lead Nurturing Campaign How to Create Content for Every Stage of

How to Create an Automated Lead Nurturing Campaign How to Create Content for Every Stage of the Buyer Journey Companies that excel at lead nurturing generate 50% more sales ready leads at 33% lower costs. Forrester Research 65%

721 views • 34 slides
GnuPG 2.1 Explained for Everyone Niibe {Yutaka, Hitoe, Hiroshi, Ayumi} John Paul Adrian Glaubitz

GnuPG 2.1 Explained for Everyone Niibe {Yutaka, Hitoe, Hiroshi, Ayumi} John Paul Adrian Glaubitz

GnuPG 2.1 Explained for Everyone Niibe {Yutaka, Hitoe, Hiroshi, Ayumi} John Paul Adrian Glaubitz Contents GPG 2.1 is not beta software Everyone relies on GnuPG Debian and GnuPG 3 GPG Branches What's New in 2.1?

733 views • 25 slides
Lecture 9: Torus Networks Abhinav Bhatele, Department of Computer Science Announcements

Lecture 9: Torus Networks Abhinav Bhatele, Department of Computer Science Announcements

High Performance Computing Systems (CMSC714) Lecture 9: Torus Networks Abhinav Bhatele, Department of Computer Science Announcements Assignment 2 on OpenMP is online: due on October 7 Abhinav Bhatele, CMSC714 2 Summary of last lecture

680 views • 12 slides
Stochastic Processes, Kernel Regression, Infinite Mixture Models Gabriel Huang (TA for Simon

Stochastic Processes, Kernel Regression, Infinite Mixture Models Gabriel Huang (TA for Simon

Stochastic Processes, Kernel Regression, Infinite Mixture Models Gabriel Huang (TA for Simon Lacoste-Julien) IFT 6269 : Probabilistic Graphical Models - Fall 2018 Stochastic Process = Random Function 2 Today Motivate Gaussian and

1.13k views • 79 slides
Routing on the Channel Dependency Graph Satoshi MATSUOKA Laboratory, GSIC, Tokyo SIAM PP18,

Routing on the Channel Dependency Graph Satoshi MATSUOKA Laboratory, GSIC, Tokyo SIAM PP18,

Routing on the Channel Dependency Graph Satoshi MATSUOKA Laboratory, GSIC, Tokyo SIAM PP18, Waseda University, Tokyo, 2018 -02-09 Institute of Technology Jens Domke, Dr. 1 Jens Domke Outline Motivation Routing Deadlocks and

954 views • 35 slides

More recommend