Stefan Franke and Prof. Dr. Wolfgang Müller

Development of Interactive Software Applications

Introduction to SSH

This tutorial introduces you to the basics of SSH and explains how to establish a secure connection to servers.

Group Assignment

At the beginning of the semester, inform Mr. Franke or Mr. Müller of your fixed tandem partner for this course via Slack, and you will be assigned a fixed tandem name and a corresponding subdomain (e.g., isa1.edumake.de).

What is SSH?

SSH, or Secure Shell, is a network protocol used for secure network services over an insecure network.

Task 1: Risks and Dangers of Using SSH with a Single Password

SSH allows authentication using a username and password in its default configuration. However, this simple and intuitive method poses significant security risks. Research the specific disadvantages and dangers of password authentication compared to key-based authentication. Discuss the functionality of key authentication in SSH and why transitioning to key authentication is recommended

Source: Hostinger

Generating an SSH Key Pair

SSH uses key pairs (a public key and a private key) for secure authentication without passwords. On macOS and Unix-like operating systems, you can generate a key pair using the terminal. The command for this is:

ssh-keygen -t rsa -b 2048

-t rsa specifies the type of key. RSA is a common encryption method. -b 2048 specifies the key length, here 2048 bits, which is currently considered secure.

The keys are stored by default in the directory ~/.ssh/ under your username on the computer. You can use these keys on multiple devices by securely transferring the private key to the other devices.

Using PuTTY on Windows

To generate an SSH key pair on Windows, you can use the PuTTYgen tool. Here's a step-by-step guide:

1. Download PuTTYgen: Visit the official PuTTY website at this link and download the latest version of PuTTYgen.
2. Launch PuTTYgen: Open PuTTYgen after installation. You typically find the program under 'All Programs' in the Start menu under 'PuTTY'.
3. Generate Key Pair: In PuTTYgen, click the 'Generate' button and move the mouse randomly in the empty area of the window during the process to gather enough entropy for key generation.
4. Save Keys:
   1. Save Private Key: Click 'Save private key' and choose a secure location on your computer to save the file. It's recommended to set a password for the private key for additional security.
   2. Save Public Key: The public key is displayed in the top area of PuTTYgen. You can either copy it directly or click 'Save public key' to save it as a file.
5. Send Public Key: Send your public key via email to your administrator or upload it to the server according to the instructions.

Ensure that the private key is stored securely and not lost, as it is essential for accessing your servers.

Task 3: Submit Your Public Key

Send your public SSH key along with your group name via email to Mr. Franke or Mr. Müller to deposit the key on the server.

Next Steps

After submitting your public key, you can establish a secure connection to your assigned server.

next exercise sheet