Title

Penetration and security of openssh remote secure shell service on raspberry Pi 2

Source of Publication

2018 9th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2018 - Proceedings

Abstract

© 2018 IEEE. This research presents a penetration testing approach to help secure OpenSSH service on Raspberry Pi 2. The study discusses a technique for penetrating Debian v7.1p2, installed on Raspberry Pi 2, using Kali Linux. We exploit the vulnerability found in SSH protocol exchange keys, which causes multiple CRLF injections in Raspberry Pi 2 Model B, allowing remote authenticated users to bypass intended shell-command restrictions via well crafted X11 data forwarding. We propose an innovative security model to solve the issues of allowing remote authentication access using SSH protocol exchange keys without affecting the encrypted protocols transmissions. We conclude with recommendations on how to securely mitigate MITM attacks using our secure proposed model.

Document Type

Conference Proceeding

ISBN

['9781538636626']

First Page

1

Last Page

5

Publication Date

3-29-2018

DOI

10.1109/NTMS.2018.8328710

Share

COinS