Firewalling a Secure Shell Service
Authors
Abstract
The security threats to networked systems have increased. The demand for accessing hosts remotely in a secure manner is therefore also increasing. In order to meet this demand, many users and network administrators use the Secure Shell (SSH) service. However, the SSH system may be configured with insecure defaults. A proxy in-between an SSH server and its clients is one possible way to enforce an organisation’s security policy while allowing such users and network administrators to continue to use the service. The proxy presented here has been developed from the SSH version 1 (SSH-1) source code and it helps network managers to enforce a desirable policy, such as allowing the use of strong authentication methods and avoiding security flaws in the server configuration.
Keywords: Authentication, firewall, proxy, security, SSH
Similar resources
CDSS: Secure Distribution of Software Installation Media Images in a Heterogeneous Environment
CDSS is a framework for the distribution of software installation media images and their contents over multiple file sharing protocols. The CDSS system provides a unique isolated server instance for every accessing user, even when another instance of that server is already running. CDSS uses the Linux host-based firewall system to transparently redirect inbound connections from each user to his...
Developing a Secure Grid Computing Environment Shell Engine
We describe the design and features of our Grid Computing Environments Shell system, or GCEShell. We view computing Grids as providing essentially a globally scalable distributed operating system that exposes low level programming APIs. From these system-level commands we may build a higher level library of more user-friendly shell commands, which may in turn be programmed through scripts. The G...
Developing a Secure Grid Computing Environment Shell Engine: Containers and Services
We describe the design and features of our Grid Computing Environments Shell system, or GCEShell. We view computing Grids as providing essentially a globally scalable distributed operating system that exposes low level programming APIs. From these system-level commands we may build a higher level library of more user-friendly shell commands, which may in turn be programmed through scripts. The ...
Remote Authentication Dial-In User Service (RADIUS) Usage for Simple Network Management Protocol (SNMP) Transport Models
This memo describes the use of a Remote Authentication Dial-In User Service (RADIUS) authentication and authorization service with Simple Network Management Protocol (SNMP) secure Transport Models to authenticate users and authorize creation of secure transport sessions. While the recommendations of this memo are generally applicable to a broad class of SNMP Transport Models, the examples focus...
Peer Service Networks — Distributed P2P Middleware
Massively distributed peer-to-peer (P2P) computing systems offer unprecedented levels of computing power. However there is no widely used peer interface and as a result many P2P systems have been developed to support specific services. This paper proposes a P2P middleware architecture that directly supports the formation of service networks based on secure interconnections between peers. The P2...