Simple way to protect SSH against or not protect against

Protect SSH

SSH will protect against

SSH (Secure Shell) is an open source network protocol that is used to connect local or remote Linux servers to transfer files, make remote backups, remote command execution and other network related tasks via scp or sftp between two servers that connects on secure channel over the network.

Seven important steps to Secure Shell protects against (again, from the README)

Step 1) Eavesdropping of data transmitted over the network.

Step 2) Manipulation of data at intermediate elements in the hosts.

Step 3) IP address spoofing where an attack hosts pretends to be a trusted host by sending packets with the source address of the trusted host. Ssh even protects against a spoofer on the local network, who can pretend he is your router to the outside.

Step 4) DNS spoofing of trusted host names/IP addresses, where an attacker forges name server records

Step 5) IP source routing, where a host can pretend that an IP packet comes from another, trusted host.

Step 6) Interception of cleartext passwords and other data by intermediate hosts

Step 7) Attacks based on listening to X authentication data and spoofed connection to the X11 server

SSH will not protect against

Secure Shell will not help you with anything that compromises your host’s security in some other way. Once an attacker has gained root access to a machine, he can then subvert ssh, too.

Step 1) Incorrect configuration or usages.

Step 2) A compromised root accounts.

Step 3) Insecure home directories: if an attacker can modify files in your home directory (e.g. via NFS) he may be able to fool SSH

 


Vishwajit Kale

Vishwajit Kale blazed onto the digital marketing scene back in 2015 and is the digital marketing strategist of Hostripples, a company that aims to provide affordable web hosting solutions. Vishwajit is experienced in digital and content marketing along with SEO. He's fond of writing technology blogs, traveling and reading.