1
00:00:00,000 --> 00:00:17,559
Hey everyone and welcome back. So what we're going to focus in on in this skill right here

2
00:00:17,559 --> 00:00:25,760
is all about SSH that is Secure Shell. Now we do have some familiarity with Secure Shell

3
00:00:25,760 --> 00:00:31,480
of course but in this skill right here we're going to look at the details of the connections

4
00:00:31,480 --> 00:00:37,520
in a little bit more detail. So with that said how about we dive on and then so the

5
00:00:37,520 --> 00:00:44,200
very first thing that you should know about SSH is that this is something we use for remote

6
00:00:44,200 --> 00:00:49,040
connection. So this is remote access we're dealing with here. Now technically you can

7
00:00:49,040 --> 00:00:55,040
just SSH back into your local system but realistically we're talking about making a connection to

8
00:00:55,039 --> 00:01:00,640
a different computer to a different network that type of thing and the big thing here is

9
00:01:00,640 --> 00:01:08,319
that SSH as the name does imply is indeed secure because before we actually had SSH we had

10
00:01:08,319 --> 00:01:14,200
this wretched technology I would say at least now called Telnet. Now Telnet perhaps I'm

11
00:01:14,200 --> 00:01:20,920
being a little bit unfair. Telnet did provide a good service it allowed us to have remote

12
00:01:21,000 --> 00:01:27,840
connectivity but the reality is Telnet was unencrypted. Now in today's day and age we

13
00:01:27,840 --> 00:01:32,280
know that we can't deal with these unencrypted connections because quite simply they are

14
00:01:32,280 --> 00:01:38,840
just nowhere near secure enough you are just inviting trouble into your network and depending

15
00:01:38,840 --> 00:01:44,240
on the actual industry in which you are in potentially opening yourself up to accusations

16
00:01:44,240 --> 00:01:49,480
of malpractice and potentially litigation so really you want to have your security in

17
00:01:49,560 --> 00:01:54,880
order. So one of the best things that you can do for security as you may know is to

18
00:01:54,880 --> 00:02:01,320
invoke encryption and that is what SSH was all about. So really what we have here is

19
00:02:01,320 --> 00:02:06,960
we have a server this can be called server one again because as we know by now I'm just

20
00:02:06,960 --> 00:02:12,719
so creative and we could have over here let's just call this you guessed it server two.

21
00:02:12,800 --> 00:02:19,840
If server one wants to log in to server two all we do is we set up this type of tunnel

22
00:02:19,840 --> 00:02:25,680
and this tunnel is going to be an SSH tunnel. Now once we open this up you can visualize

23
00:02:25,680 --> 00:02:31,719
this as like an encrypted pipe so that means that you can actually send information through

24
00:02:31,719 --> 00:02:38,039
this channel and all the data here is going to be protected by the outer layers of the

25
00:02:38,079 --> 00:02:45,639
SSH tunnel. So you could actually send configurations to a network device from one management station

26
00:02:45,639 --> 00:02:52,840
to the actual device itself have those configurations securely shielded by the SSH protocol.

27
00:02:53,560 --> 00:02:59,479
Now one thing to note is the way SSH is going to be able to operate is that it's going to use

28
00:02:59,479 --> 00:03:05,399
a technology we've already looked at within this very course and that is public key cryptography.

29
00:03:05,480 --> 00:03:12,360
So again let's say we have server two here let's say we have server one here if these servers want

30
00:03:12,360 --> 00:03:18,520
to communicate to each other in this secure manner what they're going to do is they're going to invoke

31
00:03:18,520 --> 00:03:25,400
public key cryptography. Now you may recall when we talked about public key cryptography is that in

32
00:03:25,400 --> 00:03:32,520
this architecture we're going to have both a public key as well as a corresponding private key. Now

33
00:03:32,520 --> 00:03:38,840
the crucial thing to note here to really really remember is that the private key as it suggested

34
00:03:38,840 --> 00:03:45,160
must remain private you do not want to share this with absolutely anyone at all whereas the public

35
00:03:45,160 --> 00:03:50,600
key that is the absolute opposite this is very very liberal you can freely share this with

36
00:03:50,600 --> 00:03:57,640
absolutely anyone you choose. So what this means is that both servers here can freely exchange their

37
00:03:57,639 --> 00:04:04,759
public keys whilst keeping their private key absolutely private on the internal system and

38
00:04:04,759 --> 00:04:11,079
because of that architecture that means that we can send messages to a server using that public key

39
00:04:11,079 --> 00:04:18,759
which would therefore encrypt that message and can be subsequently decrypted by the private key

40
00:04:18,759 --> 00:04:25,639
on the remote server we are talking to. So really no surprises here with respect to public or private

41
00:04:25,639 --> 00:04:30,839
key cryptography this is something we have talked about before like I say understand that SSH is going

42
00:04:30,839 --> 00:04:36,039
to implement this architecture but now what we want to do is to get a little bit more hands-on

43
00:04:36,039 --> 00:04:41,479
and practical about what SSH can actually do for us the first thing that we're going to have to look

44
00:04:41,479 --> 00:04:47,800
at are some configuration files and then we'll see some of the other things that we can use with SSH

45
00:04:47,800 --> 00:04:54,919
like I say SSH allows us to provide a tunnel that is an encrypted tunnel whereby we can

46
00:04:54,920 --> 00:05:00,280
shuttle data through that tunnel. Now you may recall that we have already talked about something

47
00:05:00,280 --> 00:05:07,000
called FTP I believe that was in the very last skill well we can actually shuttle our FTP data

48
00:05:07,000 --> 00:05:15,800
securely over an SSH tunnel that would be therefore called SFTP the secure file transfer protocol that

49
00:05:15,800 --> 00:05:23,639
is again because we are wrapping this FTP connection within the SSH tunnel and this is again something

50
00:05:23,719 --> 00:05:31,079
we will get to look at within this skill as well as something called secure copy, SCP, again also

51
00:05:31,079 --> 00:05:38,039
leveraging that secure SSH channel so we have a lot of stuff to get to within this skill the very

52
00:05:38,039 --> 00:05:42,919
first thing we're going to be looking at is a particular SSH configuration file and that's what

53
00:05:42,919 --> 00:05:47,079
we're going to be talking about in the very next nugget. I hope this has been informative for you

54
00:05:47,079 --> 00:05:52,519
and I'd like to thank you for viewing

