Upgrading and Securing SSH Connection

Practice Labs Module
Time: 1 hour
Difficulty: Intermediate

The "Upgrading and Securing SSH Security" module provides you with the instructions and devices to develop your hands-on skills in the following topics: Connecting to Kali, Upgrading OpenSSH, Adding Sudo User, Regenerate SSH keys to avoid MITM attacks, Change the MOTD, Change the SSH Port for Safety.

Overview

Introduction

The Upgrading and Securing SSH Security module provides you with the instructions and devices to develop your hands-on skills in the following topics:

  • Connecting to Kali
  • Upgrading OpenSSH
  • Adding Sudo User
  • Regenerate SSH keys to avoid MITM attacks
  • Change the MOTD
  • Change the SSH Port for Safety

Lab time: It will take approximately 1 hour to complete this lab.

Exam Objectives

The following exam objectives are covered in this lab:

  • Employ resource protection techniques
  • Operate and maintain preventative measures
  • Implement and support patch and vulnerability management

Exercise 1 - Connecting to Kali

You will first connect to Kali, which gives you the access needed to install and configure SSH on the Linux system.

Exercise 2 - Upgrading OpenSSH

SSH, like all protocols, needs to be updated, as do the services which manage those protocols. Moving to a more up-to-date version of the service helps to overcome vulnerabilities in older versions and helps ensure that no data is leaked unnecessarily from the connection.

Exercise 3 - Adding Sudo User

Kali inherently has root as the main OS user, which can be dangerous in the wrong hands. Adding a non-root user to Kali is trivial and is essential to maintaining good security measures within a system.

Exercise 4 - Regenerate SSH Keys to Avoid MITM Attacks

Default SSH keys are vulnerable because they can be guessed. Changing those keys is therefore an immediate security improvement to the connection.
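The following shell script is an added example, not part of the lab material: it replaces the host key pairs in a directory and checks that no old fingerprint survives the regeneration. The /etc/ssh path, the key types, the backup directory name and the function names are assumptions.

```shell
#!/bin/sh
# Added example: regenerate SSH host keys and confirm the fingerprints changed.
# SSH_DIR is an assumption (Debian/Kali default); point it at a scratch directory to rehearse.
SSH_DIR="${SSH_DIR:-/etc/ssh}"
KEY_TYPES="ed25519 rsa"

# Print "(TYPE) fingerprint" lines for the host public keys currently in $1.
host_fingerprints() {
    for pub in "$1"/ssh_host_*_key.pub; do
        [ -f "$pub" ] || continue
        ssh-keygen -l -f "$pub" | awk '{print $NF, $2}'
    done | sort
}

# Replace every host key pair in $1; returns 2 if any old fingerprint is still present.
regenerate_host_keys() {
    dir=$1
    old=$(host_fingerprints "$dir")
    # Move the old keys aside instead of deleting them; remove the backup once sshd is verified.
    backup="$dir/old-host-keys.$$"
    mkdir -m 700 "$backup" || return 1
    for f in "$dir"/ssh_host_*_key "$dir"/ssh_host_*_key.pub; do
        if [ -f "$f" ]; then mv "$f" "$backup"/; fi
    done
    for t in $KEY_TYPES; do
        ssh-keygen -q -t "$t" -N '' -f "$dir/ssh_host_${t}_key" || return 1
    done
    new=$(host_fingerprints "$dir")
    # A fingerprint seen both before and after means that key was not replaced.
    for fp in $(printf '%s\n' "$old" | awk '{print $2}'); do
        if printf '%s\n' "$new" | grep -qF "$fp"; then return 2; fi
    done
    return 0
}

# Run as root with --apply to act on $SSH_DIR; without it the file only defines the functions.
if [ "${1:-}" = "--apply" ]; then
    regenerate_host_keys "$SSH_DIR" && host_fingerprints "$SSH_DIR"
fi
```

Restart the SSH service afterwards and pass the new fingerprints to users over a trusted channel, so they can tell the expected host-key-changed warning from a real interception.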

Exercise 5 - MOTD (Message of the Day)

The MOTD is a legal requirement for all networks to present on a connection with the European Union and is good practice when considering computing ethics. The message should be clear and robust in its nature, avoiding confusion on terms and meanings as much as possible.

Exercise 6 - Change the SSH Port

Changing the SSH port helps to evade obvious detection by sniffing tools and port scanners by placing the connection on a port value not normally recognized for SSH connections. This form of obfuscation acts only to initially bypass common port scans.