This section will give you a very good explanation so as we move forward to see the security risks and as well as best practices for addressing those risks. To have a better understanding of what all of these risks and best practices applied to let’s start our explanation:
Let’s consider an Example : There is a server called server A and a network administrator is responsible for administrating access to that server and one of the administrators for the application on this server is Sofia She needs to be able to login to the server remotely and perform her operations with a command line.
To do this first of all she is going to need an account on the server. But in addition to that the administrator has to give her an access to the server . So the administrator is going to set up an SSH server and going to use these components. Here we are discussing about open SSH which is most specifically and broadly used. It is also a most popular SSH implementation. There are other SSH implementations, but in this case we are just going to talk about an Open SSH implementation. So here we go ahead and install or activate an SSH server. Often times it is activated by default and on many systems when it gets activated it’s going to generate a key Pair that is generated to authenticate that sever. Now, on many servers based on the algorithm that they support , there may be multiple keys that they support. But we are just going to focus on one key pair that is used to authenticate the server. So in this particular case, the key pair is used for this server to authenticate software of any kinds. Now in addition to that key pair, we also need a configuration part which is very important process SSHd which is called as SSHd-config. This configuration part has options that allow you to configurate operations like security.
Now with this server setup Sofia needs some components so she can connect. She is going to need some sort of an SSH client which can be an SSH command line which can be provided by open SSH or can be PUTTY or some other SSH implementations. Let’s say in this example she is going to use SSH command line. Now with that there is also a configuration part which impacts both operations and security. This is called SSH_config. Now with these components in place Sofia can now connect up with server and you notice that the server provides back its Public Key when she connects and when the first time she connects her client is going to check whether they have connected before on server A. If it has seen the Public Key before then the server will review it and will display that key for her. Now she should do some check with the server A and send message as Ok can you make sure this is the correct Public Key. In most of the cases a lot of people that are using SSH would just type yes or click Yes or do whatever needs to get it out of way when they do that what happens is that the key gets stored.
When Sofia does that it gets stored in the known host file as it is called with that Public key and also the name of the server and so with this, each time, when she types in the server A going forward, it will get back to the same Public Key and say I trust this, is all ready and it won’t prompt Sofia at all.
So, obviously it is important that Sofia makes sure that it is right Public Key. Once we have these pieces in Place then the SSH components need to decide the client and the server can encrypt that session and now she can log in securely with her password. The password would be encrypted and would be provided to the server . The server will verify that password and now Sofia can login and perform her operations.
Let’s see Sofia manages quite a few servers and she gets tired of typing a password every time so she does some searching and she reads that she can generate her own key pair which includes a private key and also a public key. Because server A allow her to go to that place where public key are generated into a file called authorized keys i.e. Auth-Keys in the server A account.
Once the server A do this the next time Sofia is going to log in without having to put in password to the server. Server A may protect the Private key with a password and Public key authentication. We say Sofia manages many servers so let’s consider there is one more server i.e. server B and when Sofia connects to it for the first time a connection is going to be prompted for the public key for the server B. and she has to confirm by saying Yes. When she does that the client will place that into a known host file and the trust is going forward and never prompted again and then she can go ahead and authenticate the server B without having to put in her password.
Here we can see many components like one client and two servers and we got quite a few keys in play. We have got some of the risks. Thus we can see how different components can come over and provide you with the necessary security.