We have examined hardware security up to this point, but the architect must also consider network and shell security of the system. Network security is covered in Chapter 9, Edge Routing and Networking. We will explore one area of shell connectivity in this section: SSH, or secure shell.
SSH is a cryptographic network protocol used to provide services like login, command-line control, remote access, and root access to modern operating systems. SSH uses a secure channel over an unsecure network, employing methods such as SHA-2 and SHA25. Additionally, authentication is performed using various methods, such as public key exchange or simple passwords. Typically, SSH sessions use port 22.
Although the protocol uses authentication and encryption methods, there are still vulnerabilities:
- A preferred method is to use public key exchange when authenticating. These are far better than password-based security.
- A typical attack vector is brute force...