LinuxCBT OpenSSHv2 Edition encompasses: 1. OpenSSHv2 (SSHv2) Security.

LinuxCBT OpenSSHv2 Edition focuses on the implementation of Open Secure Shell Version 2 (OpenSSHv2) on various Linux | Unix platforms.

OpenSSHv2 is central to the confidentiality and integrity of data transmissions across secure (VPN | Private Line) and insecure (Internet | Intranet) networks (conduits). It is included with modern Linux | Unix operating systems and provides a plethora of useful data-transfer features, backed by Public Key Infrastructure (PKI) and asymmetric encryption technologies.

Let LinuxCBT OpenSSHv2 Edition cost-effectively sharpen your SSHv2 skills!

Recommended Prerequisites for:

• Any LinuxCBT Operating System Course (Classic/EL-4/SUSE/Debian Editions)
  • Open mind & determination to master Linux and related open-source applications
  • Basic understanding of networking concepts
  • Access to a PC to follow the exercises

OpenSSHv2 Security - Module 1

• Introduction - Topology - Features
  • Discuss course outline
  • Explore system configuration
  • Identify key systems to be used
  • Explore network topology
  • Enumerate and discuss key OpenSSHv2 features
• Identify Key OpenSSHv2 Components
  • Identify installed OpenSSHv2 related packages
  • Peruse related startup and run-control script files
  • Locate 'sshd' on the file system
  • Discuss related client | server configuration files
• OpenSSHv2 Client - /ssh/
  • Discuss features and benefits
  • Obtain shell access on a remote system
  • Configure /etc/hosts to provide local name resolution for OpenSSHv2
  • Identify and discuss pseudo-terminals - pty
  • Redirect X11/X.org traffic to localhost via SSH
  • Bind 'ssh' to specific source IP address and test connectivity
  • Execute commands on remote system without allocating a pseudo-terminal
  • Debug 'ssh' connectivity
  • Explore the system-wide client configuration file
  • Explore user configuration file
• Secure Copy Program (SCP) - /scp/
  • Discuss features and benefits
  • Locate 'scp' on the file system
  • Discuss usage
  • Copy, non-interactively, previously generated data to remote systems
  • Test 'scp' with global and user configuration directives
  • Debug 'scp' connectivity
  • Limit transfer rate to conserve bandwidth
• Secure File Transfer Program (SFTP) - /sftp/
  • Discuss features and benefits
  • Locate 'sftp' on the file system
  • Discuss usage
  • Connect to remote system using 'sftp' interactive shell
  • Issue puts and gets and evaluate results
  • Identify the sftp-server subsystem
  • Peruse process list while connected to OpenSSHv2 server
  • Illustrate batch file usage
• SSH Key Scan Utility - /ssh-keyscan/
  • Discuss features and benefits
  • Locate 'ssh-keyscan' on the file system
  • Discuss usage
  • Scan the network from STDIN for OpenSSHv2 public keys - RSA (SSHv1 & SSHv2) | DSA
  • Scan the network based on a file with a list of hosts for OpenSSHv2 public keys
  • Populate ~/.ssh/known_hosts file using 'ssh-keyscan' with BASH for loop
  • Compare and contrast STDOUT with the output file
• SSH Key Generation Utility - /ssh-keygen/
  • Discuss features and benefits
  • Locate 'ssh-keygen' on the file system
  • Discuss usage
  • Generate RSA-2 usage keys
  • Identify RSA-2 public and private key pair
  • Generate DSA usage keys
  • Identify DSA public and private key pair
  • Expose usage keys' fingerprint using 'ssh-keygen'
  • Generate RSA-2 | DSA usage keys for all hosts
• Public Key Infrastructure (PKI) - Password-less Logins
  • Discuss features and benefits
  • Identify key files for client and server implemenation of password-less (PKI-based) logins
  • Copy manually, RSA-2 | DSA public keys to remote system's ~/.ssh/authorized_keys file
  • Test password-less logins
  • Use 'ssh-copy-id' to seamlessly populate remote system with RSA-2 | DSA usage keys
  • Test password-less connectivity after using 'ssh-copy-id'
  • Confirm password-less connectivity using SSH clients /ssh|scp|sftp/ in debug mode
  • Connect to privileged account from non-privileged account using PKI
  • Configure RSA-1 connectivity using PKI
• System-wide OpenSSHv2 Configuration Directives
  • Identify key directory and files associated with client | server configuration
  • Explore primary server configuration file
  • Discuss applicability of directives
  • Alter and test several SSHD directives
  • Explore OpenSSHv2 configuration on RedHat Linux
  • Explore OpenSSHv2 configuration on Solaris 10
• Port Forwarding - Pseudo-VPN Support - /Local|Remote|Gateway/
• Discuss features and benefits
• Implement local port forwarding using 'ssh'
• Configure remote port forwarding using 'ssh'
• Test circumvention of local firewall using remote port forwarding
• Implement gateway ports to share forwarded /local|remote/ with connected users
• Test connectivity
• Windows Integration - /PuTTY|WinSCP/
  • Discuss features and applications
  • Download and install PuTTY
  • Explore PuTTY's features
  • Configure PKI logins
  • Download and install WinSCP
  • Explore WinSCP's features
  • Move data between Windows, Linux and Solaris
• Syslog | Syslog-NG Configuration
  • Discuss features and benefits
  • Identify default configuration
  • Redirect OpenSSHv2 data using Syslog and Syslog-NG
  • Examine results
  • Enable debugging
• Host-based Authentication
  • Discuss applicability and caveats
  • Identify key configuration files and directives
  • Implement host-based authentication
  • Test results
• OpenSSHv2 Source Installation
  • Discuss features and benefits
  • Download current OpenSSHv2 source code
  • Compile and install
  • Restart services|daemons
  • Test new version of OpenSSHv2
• Secure OpenSSHv2 Implementation
  • Discuss features and benefits
  • Identify key configuration file
  • Enumerate and implement key directives
  • Test configuration
• top