Difference between revisions of "Console SSH"

From IPLOG
Jump to: navigation, search
(Created page with "== Overview == The console is used for accessing the IPLOG-GAMA units configuration and management features using text terminals, either remotely using the SSH TCP/IP or direc...")
 
(English corretions)
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
This console is used for accessing the IPLOG-GAMA units configuration and management features using text terminals, either remotely using the SSH TCP/IP or directly SSH via USB. The console is also used for writing scripts. This manual describes the general console operation principles.
 +
 +
== SSH (Cryptographic Network Protocol) ==
 +
'''Secure Shell (SSH)''' is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users.
 +
 +
SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.
 +
 +
More:[https://en.wikipedia.org/wiki/Secure_Shell Secure Shell (SSH)]
 +
 
== Overview ==
 
== Overview ==
The console is used for accessing the IPLOG-GAMA units configuration and management features using text terminals, either remotely using the SSH TCP/IP or directly SSH via USB. The console is also used for writing scripts. This manual describes the general console operation principles.
 
  
Version: OpenSSH_7.4p1, OpenSSL 1.0.2k  26 Jan 2017
+
The '''SSH protocol''' is available in two incompatible varieties: '''SSH 1''' and SSH '''2'''.
  
 +
The older '''SSH 1''' protocol comes in two major sub-variants: protocol 1.3 and protocol 1.5. Support for both has been removed from OpenSSH as of the 7.6 release. Both used the asymmetric cryptography algorithm RSA (for which the USA patent has expired, allowing full use by everyone) for key negotiation and authentication, 3DES and Blowfish for privacy. It used a simple CRC for data integrity, which turned out to be flawed.
  
 +
The second major variety of SSH is the '''SSH 2''' protocol. '''SSH 2''' was invented to avoid the patent issues regarding RSA (patent issues which no longer apply, since the patent has expired), to fix the CRC data integrity problem that SSH1 has, and for a number of other technical reasons. By using the asymmetric DSA and DH algorithms, protocol 2 avoids all patents. The CRC problem is also solved by using a real HMAC algorithm. The SSH 2 protocol supports the many other choices for symmetric ciphers, as well as many other new features
  
  
 +
Current package version: '''OpenSSH_7.4p1, OpenSSL 1.0.2k'''
  
 +
Default settings: '''SSH2'''
  
 +
{{NotePre|text==
 +
root@buildroot:cat /etc/ssh/ssh_config
  
 +
# Host *
 +
#  ForwardAgent no
 +
#  ForwardX11 no
 +
#  RhostsRSAAuthentication no
 +
#  RSAAuthentication yes
 +
#  PasswordAuthentication yes
 +
#  HostbasedAuthentication no
 +
#  GSSAPIAuthentication no
 +
#  GSSAPIDelegateCredentials no
 +
#  BatchMode no
 +
#  CheckHostIP yes
 +
#  AddressFamily any
 +
#  ConnectTimeout 0
 +
#  StrictHostKeyChecking ask
 +
#  IdentityFile ~/.ssh/identity
 +
#  IdentityFile ~/.ssh/id_rsa
 +
#  IdentityFile ~/.ssh/id_dsa
 +
#  IdentityFile ~/.ssh/id_ecdsa
 +
#  IdentityFile ~/.ssh/id_ed25519
 +
#  Port 22
 +
#  Protocol 2
 +
#  Cipher 3des
 +
#  Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
 +
#  MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
 +
#  EscapeChar ~
 +
#  Tunnel no
 +
#  TunnelDevice any:any
 +
#  PermitLocalCommand no
 +
#  VisualHostKey no
 +
#  ProxyCommand ssh -q -W %h:%p gateway.example.com
 +
#  RekeyLimit 1G 1h
  
== About SSH ==
+
}}
'''Secure Shell (SSH)''' is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users.
 
  
SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.
+
Information about the last connection parameters:
  
More information:[https://en.wikipedia.org/wiki/Secure_Shell Secure Shell (SSH)]
+
{{NotePre|text=
 +
root@buildroot: ssh -G host
 +
}}

Latest revision as of 10:54, 13 February 2019

This console is used for accessing the IPLOG-GAMA units configuration and management features using text terminals, either remotely using the SSH TCP/IP or directly SSH via USB. The console is also used for writing scripts. This manual describes the general console operation principles.

SSH (Cryptographic Network Protocol)

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users.

SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.

More:Secure Shell (SSH)

Overview

The SSH protocol is available in two incompatible varieties: SSH 1 and SSH 2.

The older SSH 1 protocol comes in two major sub-variants: protocol 1.3 and protocol 1.5. Support for both has been removed from OpenSSH as of the 7.6 release. Both used the asymmetric cryptography algorithm RSA (for which the USA patent has expired, allowing full use by everyone) for key negotiation and authentication, 3DES and Blowfish for privacy. It used a simple CRC for data integrity, which turned out to be flawed.

The second major variety of SSH is the SSH 2 protocol. SSH 2 was invented to avoid the patent issues regarding RSA (patent issues which no longer apply, since the patent has expired), to fix the CRC data integrity problem that SSH1 has, and for a number of other technical reasons. By using the asymmetric DSA and DH algorithms, protocol 2 avoids all patents. The CRC problem is also solved by using a real HMAC algorithm. The SSH 2 protocol supports the many other choices for symmetric ciphers, as well as many other new features


Current package version: OpenSSH_7.4p1, OpenSSL 1.0.2k

Default settings: SSH2

=
root@buildroot:cat /etc/ssh/ssh_config

# Host *
#   ForwardAgent no
#   ForwardX11 no
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   IdentityFile ~/.ssh/id_ecdsa
#   IdentityFile ~/.ssh/id_ed25519
#   Port 22
#   Protocol 2
#   Cipher 3des
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h

Information about the last connection parameters:

root@buildroot: ssh -G host