Penetration and Security of OpenSSH Remote Secure Shell Service on Raspberry Pi 2

2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS) Pub Date : 2018-02-01 DOI:10.1109/NTMS.2018.8328710

Hesham H. Alsaadi, M. Aldwairi, May Al Taei, Mansoor AlBuainain, Maktoom AlKubaisi

引用次数: 7

Abstract

This research presents a penetration testing approach to help secure OpenSSH service on Raspberry Pi 2. The study discusses a technique for penetrating Debian v7.1p2, installed on Raspberry Pi 2, using Kali Linux. We exploit the vulnerability found in SSH protocol exchange keys, which causes multiple CRLF injections in Raspberry Pi 2 Model B, allowing remote authenticated users to bypass intended shell-command restrictions via well crafted X11 data forwarding. We propose an innovative security model to solve the issues of allowing remote authentication access using SSH protocol exchange keys without affecting the encrypted protocols transmissions. We conclude with recommendations on how to securely mitigate MITM attacks using our secure proposed model.

查看原文本刊更多论文

OpenSSH远程安全外壳服务在树莓派2上的渗透与安全性

本研究提出了一种渗透测试方法来帮助确保Raspberry Pi 2上OpenSSH服务的安全。该研究讨论了一种使用Kali Linux渗透安装在Raspberry Pi 2上的Debian v7.1p2的技术。我们利用在SSH协议交换密钥中发现的漏洞，该漏洞导致Raspberry Pi 2 Model B中的多个CRLF注入，允许远程认证用户通过精心制作的X11数据转发绕过预期的shell命令限制。我们提出了一种创新的安全模型来解决使用SSH协议交换密钥允许远程身份验证访问而不影响加密协议传输的问题。最后，我们就如何使用我们建议的安全模型安全地减轻MITM攻击提出了建议。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)

自引率

0.00%

发文量