SSH and Tunneling

This series will look at how to create secure connections over the Internet using SSH and Tunneling.

SSH Introduction

One of the interesting things about the Internet is that it was not designed for security, and kind of happened almost accidentally. The early researchers, people like JCR Licklider and Vint Cerf, were mostly interested in facilitating communication between university researchers, and assumed that anyone they were in contact with was another “good guy”. It …

Home ssh server

The best way to get familiarity with the concepts we will discuss is by experimentation. I think that it is becoming more common these days for people to own more than one computer and set them up in a network. And with cheap computers like Raspberry Pi it is really easy to get started. In …

SSH Basics

So as we saw in the introductory tutorial, SSH uses the Client-Server model. Now, technically a server is just the machine you are connecting to, and there is no reason in principle that it could not be another desktop, a laptop, or even a telephone if it has the appropriate software. And in the previous tutorial …

SSH Authentication: Keys

When you first try to log in to a remote server you need to authenticate yourself, which means you have to demonstrate that you have rights to be on that server. You can do this in several ways: Password – You authenticate to the server by typing in your password. This is easy because you can …

SSH Authentication: Server and Agents

Once you have generated these keys, you need to add the public key to your ssh account on the server. How this happens may vary. On a more-or-less public system (for example, here is the GitHub explanation) they may let you add this through a Website where it is added to your account information. In …

SSH options, Port Forwarding over SSH, Keepalives

The ssh command has a number of options, and I don’t plan to cover all of them. Some of them are things that even the documentation warns against, suggesting they are only for real experts. But I want to mention the ones that I think you will find important. These options take the form of …

SSH, Tunneling, and VPNs

As we saw earlier, an encrypted connection between two machines is often referred to as a tunnel. But to be clear, all of the traffic involved is flowing through the same “pipes” as all other Internet traffic. The packets are just TCP packets, and the only significant thing about them is that they are encrypted …

SOCKS Proxy

Once you have gotten used to SSH VPNs, the logical next step is probably to learn about a SOCKS Proxy, so that is where we are going now. SOCKS stands for Socket Secure, and is an internet protocol that routes packets between two machines (a client and a server) through a proxy server. SOCKS operates …
