In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
This article focuses on "how to achieve a secret handshake in the SSH agent", interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn "how to achieve a secret handshake in a SSH agent".
1. Principle
Here are the instructions provided by ISP:
In cryptography, obfuscation refers to encoding the input data before it is sent to a hash function or other encryption scheme. This technique helps to make brute force attacks unfeasible, as it is difficult to determine the correct cleartext. From a cryptographic point of view, Obfuscation (obfuscation) refers to encoding input data before sending it to a hash formula or other encryption formula, which makes it difficult to crack profit because it is very difficult to confirm the correct plaintext.
The concept is quite eloquent, and then my lousy translator also …... However, the meaning is very clear, in fact, it is to change the handshake so that the monster can not see the ssh protocol used for data transmission, and then the ssh agent comes back full of blood.
two。 Solution
Awesome Bruce Leidl wrote a great patch for openssh. It can obfuscate the handshake signal (handshake) when creating encrypted SSH connections. Such an encrypted handshake signal can fool the deep packet inspection equipment used by the monster, successfully complete the mission, and then ensure the security and stability of the network.
(1) preparation
You need to have a Linux server under the control of the monster, and then configure the Obfuscated-openssh patch on the server.
Obfuscated-openssh click here to download, and then execute the following command to compile and install:
The code is as follows:
. / configure make make install
It is recommended that you install it separately from the regular SSH daemon.
(2) configuration
As a SSH agent, there is no need for users to log in to the server through ssh, so this part of the permission needs to be restricted so that users can only use the SOCKS agent. To do this, you need to create a dedicated user account.
The following is the command to add a user named "golengssh" with a password of "goleng.com" who cannot log on to the server remotely.
The code is as follows:
Sudo useradd-m-s / usr/sbin/nologin-p goleng.com golengssh
At this point, I believe you have a deeper understanding of "how to achieve a secret handshake in the SSH agent". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.