Securing SSH Connections
Sure, traffic between an SSH client and server is enciphered, but how can certainty that the correct server is directly processing client requests be enhanced. A man in the middle attack occurs when an SSH server poses as the desired host, and forwards messages between the desired host and the client. The fake SSH server receives an enciphered message from the client that it can decipher, because the SSH server provides its own public key for the client to use. Then, the fake SSH server acts as a client to the desired SSH server, passing along messages to the desired server from the client. Respecting the fingerprint of a server’s public key helps minimize the efficacy of man in the middle attacks.
The following command gets the ssh key fingerprint on typical Unix-like system configurations:
ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub
The SSH protocol was intended to use a certificate authority (CA) for ensuring that clients were connecting to the desired server. Many SSH server and client installations currently do not rely on a CA to identify each to the other. This is why the SSH server’s key fingerprint is as important as login and password information when given to remote users. Without a good certificate authority in place, users should disallow connections to servers with unrecognized keys, and manually insert the key fingerprints into applications such as Putty. When a message indicates that a connection cannot be made or that the key fingerprint has been changed, attempts to connect should be discontinued, and the server’s administrator should be notified immediately.