How an intruder attacks SSH

Brute Force

© Lead Image © imaginariumphoto, 123RF.com

© Lead Image © imaginariumphoto, 123RF.com

Article from Issue 282/2024
Author(s):

Sometimes the only way to break into an SSH server is through brute force – and yes, there are tools for that.

One particular Linux service needs no introduction: Secure Shell (SSH) is synonymous with logging into remote Linux devices of all varieties. You can use SSH to log into a Raspberry Pi, a mail server, a web server, or even embedded Linux devices such as those running Internet of Things (IoT) applications.

SSH emerged in the 1990s, when it became clear that the unencrypted Telnet was not suitable for communication on the open Internet. SSH version 1 was popular for years, but experts eventually began to warn that it had its own security problems. SSH version 2 was a major rewrite, due to the numerous issues that plagued version 1, including vulnerability to man-in-the-middle attacks. In the Linux world, the SSH software of choice for both client and server is called OpenSSH [1].

This article looks at some of the approaches attackers and ethical hackers use to compromise SSH servers. I will also look at how to prevent a common type of attack against SSH servers. It should go without saying: Only use the tools discussed in this article on servers that you own or explicitly have permission to test against. A number of these approaches could cause downtime or ultimately lock you out of the target SSH instance.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Capture the Flag

    TryHackMe's Capture the Flag puzzles are a useful source for users who want to learn about ethical hacking and penetration testing.

    more »
  • Go-Based Botnet Attacking IoT Devices

    Using an SSH credential brute-force attack, the Go-based PumaBot is exploiting IoT devices everywhere.

    more »
  • Charly's Column

    Users log on to services such as SSH, ftp, SASL, POP3, IMAP, Apache htaccess, and many more using their names and passwords. These popular access mechanisms are a potential target for brute-force attacks. An attentive bouncer will keep dictionary attacks at bay.

    more »
  • Fail2ban

    Fail2ban is a quick to deploy, easy to set up, and free to use intrusion prevention service that protects your systems from brute force and dictionary attacks.

    more »
  • Secure Online Passwords

    Securely storing passwords online can be a complex task. With a few tools, websites can offer better security, but users still need to choose their passwords wisely.

    more »
comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News

Tag Cloud

Administration Community Events Hardware Linux Linux Pro Magazine Mobile Programming Security Software Ubuntu Web Development Windows free software open source