LinuxCBT.com

Syllabus

Focus: Secure Shell Version 2x

Duration: 16-Hours

  • Open Secure Shell version 2 (OpenSSHv2) Security - Module VIII

    • Introduction - Topology - Features
      • Discuss course outline
      • Explore system configuration
      • Identify key systems to be used
      • Explore network topology
      • Enumerate and discuss key OpenSSHv2 features
    •  
    • Identify Key OpenSSHv2 Components
      • Identify installed OpenSSHv2 related packages
      • Peruse related startup and run-control script files
      • Locate 'sshd' on the file system
      • Discuss related client | server configuration files
    •  
    • OpenSSHv2 Client - /ssh/
      • Discuss features and benefits
      • Obtain shell access on a remote system
      • Configure /etc/hosts to provide local name resolution for OpenSSHv2
      • Identify and discuss pseudo-terminals - pty
      • Redirect X11/X.org traffic to localhost via SSH
      • Bind 'ssh' to specific source IP address and test connectivity
      • Execute commands on remote system without allocating a pseudo-terminal
      • Debug 'ssh' connectivity
      • Explore the system-wide client configuration file
      • Explore user configuration file
    •  
    • Secure Copy Program (SCP) - /scp/
      • Discuss features and benefits
      • Locate 'scp' on the file system
      • Discuss usage
      • Copy, non-interactively, previously generated data to remote systems
      • Test 'scp' with global and user configuration directives
      • Debug 'scp' connectivity
      • Limit transfer rate to conserve bandwidth
    •  
    • Secure File Transfer Program (SFTP) - /sftp/
      • Discuss features and benefits
      • Locate 'sftp' on the file system
      • Discuss usage
      • Connect to remote system using 'sftp' interactive shell
      • Issue puts and gets and evaluate results
      • Identify the sftp-server subsystem
      • Peruse process list while connected to OpenSSHv2 server
      • Illustrate batch file usage
    •  
    • SSH Key Scan Utility - /ssh-keyscan/
      • Discuss features and benefits
      • Locate 'ssh-keyscan' on the file system
      • Discuss usage
      • Scan the network from STDIN for OpenSSHv2 public keys - RSA (SSHv1 & SSHv2) | DSA
      • Scan the network based on a file with a list of hosts for OpenSSHv2 public keys
      • Populate ~/.ssh/known_hosts file using 'ssh-keyscan' with BASH for loop
      • Compare and contrast STDOUT with the output file
    •  
    • SSH Key Generation Utility - /ssh-keygen/
      • Discuss features and benefits
      • Locate 'ssh-keygen' on the file system
      • Discuss usage
      • Generate RSA-2 usage keys
      • Identify RSA-2 public and private key pair
      • Generate DSA usage keys
      • Identify DSA public and private key pair
      • Expose usage keys' fingerprint using 'ssh-keygen'
      • Generate RSA-2 | DSA usage keys for all hosts
    •  
    • Public Key Infrastructure (PKI) - Password-less Logins
      • Discuss features and benefits
      • Identify key files for client and server implemenation of password-less (PKI-based) logins
      • Copy manually, RSA-2 | DSA public keys to remote system's ~/.ssh/authorized_keys file
      • Test password-less logins
      • Use 'ssh-copy-id' to seamlessly populate remote system with RSA-2 | DSA usage keys
      • Test password-less connectivity after using 'ssh-copy-id'
      • Confirm password-less connectivity using SSH clients /ssh|scp|sftp/ in debug mode
      • Connect to privileged account from non-privileged account using PKI
      • Configure RSA-1 connectivity using PKI
    •  
    • System-wide OpenSSHv2 Configuration Directives
      • Identify key directory and files associated with client | server configuration
      • Explore primary server configuration file
      • Discuss applicability of directives
      • Alter and test several SSHD directives
      • Explore OpenSSHv2 configuration on RedHat Linux
      • Explore OpenSSHv2 configuration on Solaris 10
    •  
    • Port Forwarding - Pseudo-VPN Support - /Local|Remote|Gateway/
      • Discuss features and benefits
      • Implement local port forwarding using 'ssh'
      • Configure remote port forwarding using 'ssh'
      • Test circumvention of local firewall using remote port forwarding
      • Implement gateway ports to share forwarded /local|remote/ with connected users
      • Test connectivity
    •  
    • Windows Integration - /PuTTY|WinSCP/
      • Discuss features and applications
      • Download and install PuTTY
      • Explore PuTTY's features
      • Configure PKI logins
      • Download and install WinSCP
      • Explore WinSCP's features
      • Move data between Windows, Linux and Solaris
    •  
    • Syslog | Syslog-NG Configuration
      • Discuss features and benefits
      • Identify default configuration
      • Redirect OpenSSHv2 data using Syslog and Syslog-NG
      • Examine results
      • Enable debugging
    •  
    • Host-based Authentication
      • Discuss applicability and caveats
      • Identify key configuration files and directives
      • Implement host-based authentication
      • Test results
    •  
    • OpenSSHv2 Source Installation
      • Discuss features and benefits
      • Download current OpenSSHv2 source code
      • Compile and install
      • Restart services|daemons
      • Test new version of OpenSSHv2
    •  
    • Secure OpenSSHv2 Implementation
      • Discuss features and benefits
      • Identify key configuration file
      • Enumerate and implement key directives
      • Test configuration
    •  
    • Upgrade OpenSSHv2
      • Identify target systems
      • Download latest OpenSSH source code
      • Compile with compatible options
      • Test installation
    •  
    • CHROOT - SFTP Connections
      • Discuss features and benefits
      • Implement CHROOT SFTP sessions for specific users
      • Evaluate results
    •  

LinuxCBT OpenSSHv2 Edition

  •  
DEMO