SSH

Most used is OpenBSD SSH

Two competing protocols: SSH-1 and SSH-2

Six auth methods:

  1. Password authentication
  2. Public-key authentication
  3. Host-based authentication
  4. Keyboard authentication
  5. Challenge-response authentication
  6. GSSAPI authentication

To interact with Rsync over SSH: https://phoenixnap.com/kb/how-to-rsync-over-ssh

More on auth methods: https://www.golinuxcloud.com/openssh-authentication-methods-sshd-config/

Dangerous settings

Setting Description
PasswordAuthentication yes Allows password-based authentication.
PermitEmptyPasswords yes Allows the use of empty passwords.
PermitRootLogin yes Allows to log in as the root user.
Protocol 1 Uses an outdated version of encryption.
X11Forwarding yes Allows X11 forwarding for GUI applications.
AllowTcpForwarding yes Allows forwarding of TCP ports.
PermitTunnel Allows tunneling.
DebianBanner yes Displays a specific banner when logging in.

SSH-Audit

git clone <https://github.com/jtesta/ssh-audit.git> && cd ssh-audit
./ssh-audit.py $HOST