Security+
05C_Secure Remote Administration Protocols (1)
Prepared by VITAC
Tel: (855) 958 2531
hello@vitac.com
www.vitac.com
Job ID: 224005
Security+
05C_Secure Remote Administration Protocols (1)
2
CLOCK INFO:
NO CLOCK SCREEN
Job ID: 224005
Security+
05C_Secure Remote Administration Protocols (1)
3
Time-codes
Dialogue
01:00:00:00
COLD OPEN
01:00:04:17
Male, brown curly hair, black shirt
When it comes to Secure Remote Administration Protocols, Secure Shell is one
of those defacto standards. Let's take a look here at, kinda, how Secure Shell
works out of the box and then, once you've done a little bit of configuration. So,
I've got an Ubuntusystem here, and I'm going to connection to a remote system.
My remote system here is my green little parrot system with the IP address of
192.168.109, okay? So, that's the remote system that I'm going to connect to. I'm
just copying and pasting here so that I can do it very easily, 'cause you don't
wanna see how badly I type in front of a camera. So, basically, I'm going to use
the SSH command here, and I'm going to connect to that system. Now, the first
thing that happens is you get this little message here; it's not an error message,
but it's saying, "Are you sure that this is the host that you want to connect to?" I've
never connected to it before, here's the fingerprint, is this really the system you
wanna connect to? And it's doing this because you're relying on passwords right
now. So, I'm gonna say "Yes" and then it's gonna say, "Well, what password do
you want?" and I know the password to that remote parrot green system here.
Let's see if I can type it right here. There it is. Notice where it says, "Parrot Sec"
I'm into that system. Well, there are a couple issues here with what I just did. Now
I'm back into my Ubuntu system, so let me clear the screen. The first problem is
that I did use a password, okay? And, even though Secure Shell encrypts by
default, it's never a good idea to throw a password across a network. Why do
that? Set up a trust relationship first. So, one way that you can do that is, you
generate a key pair; SSH-key jam, there it is, and I'm gonna generate a key
parrot and it's gonna ask me where I wanna put it. I'll just leave it to the default
here. I will not use a pass phrase. And there is my key pair. So, what I can do
here is I can go in here to my pub key. I've cadded it there and, for the sake of
Job ID: 224005
Security+
05C_Secure Remote Administration Protocols (1)
4
being very obvious, and I don't want to use any automated tools that do exist, I've
copied this key here, and I'm gonna go here to my parrot system here and I'm
going to edit the authorized keys file. I'm gonna put in the public key of that
remote Ubuntu system in here. Now, let me go back to the remote Ubuntu system
here. Now, basically, what I've done is setup a trust relationship. So, the next time
I go into SSH and go in, notice what just happened. I've logged directly into
parrot, without providing a password. That's not because SSH stored the
password, or anything like that. That's because I setup a trust relationship with
this remote parrot system, and I was able to get right in because it says, well, I
already trust you, so there's no need for a password. When you do remote
protocols such as this, it's always good to use those trust relationships. Although
they can be abused if a hacker gets in another way, those trust relationships are
very good because it allows you to not use passwords across the Internet.
01:03:30:29
END OF PROGRAMME
0
