I have completed a few of these boxes practicing and while doing so I have come across ssh more than a few times. Recently I came across a box that requires me to know a little more about SSH than I do.

Edit: So I was able to get ssh working using keys and I am left with another question. Does SSH disable logging in with an SSH key if the permissions are set, say, open?
-rw------- vs -rwxrw----
I can understand why you would but I don’t know if that’s something specifically set by the server admin or just part of SSH in general. Any thoughts?
It’s SSH in general. One book I can highly recommend for learning all the ins and outs of SSH is Michael W. Lucas’ SSH Mastery.
It’s part of the way key-based authentication works in SSH. If you generate your own SSH keys the permissions are set correctly.
The problem largely occurs when you are trying to use someone else’s keys (such as ones extracted from a victim server).
Generally speaking, the ssh client on your machine will refuse an id_rsa unless it is at least set to 600 (rw-------). I think it will work if it is set to 400 (r--------) but if it can’t read the file it isn’t going to work either.
The permissions are set to reduce the risk from an untrusted party (group/world) being able to read or write to the file.
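An added example, not part of the original posts: a shell sketch of the permission test discussed above, which treats a private key as unusable when any group or other bit (mask 077) is set, as the OpenSSH client does for key files owned by the user. The function names `key_mode`, `key_perms_ok` and `audit_keys` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): reproduce the private-key permission
# test. A key passes only if group and other have no access (mode & 077 == 0).

# Print the octal permission bits of a file (GNU stat first, then BSD stat).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Return 0 if the mode grants nothing to group/other, 1 if it does,
# 2 if the file cannot be inspected at all.
key_perms_ok() {
    mode=$(key_mode "$1") || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Report every private key in a directory; the return value is the number
# of keys whose permissions are too open.
audit_keys() {
    bad=0
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        # Only look at files whose first line is a private-key PEM header.
        head -n 1 "$f" 2>/dev/null | grep -q 'PRIVATE KEY-----' || continue
        if key_perms_ok "$f"; then
            echo "ok        $(key_mode "$f")  $f"
        else
            echo "too open  $(key_mode "$f")  $f  (fix: chmod 600)"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Usage: sh audit.sh ~/.ssh
if [ "$#" -gt 0 ]; then
    audit_keys "$1"
fi
```

With the two modes from the question, `-rw-------` (600) passes and `-rwxrw----` (760) is flagged because the group bits are set.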
@hva thank you. I just put it on my to read list. The one with the pufferfish on the cover right?
@TazWake Thank you for the explanation. That helps clarify things for me. I’m going to read that book @hva suggested. Hopefully this will give me a much better understanding of how it works.
@hva so I got the book and started reading. Very informative. At the same time it still reads like a stereo manual so I fell asleep while reading it but I’ll finish here in the next day or so. Thank you again.
Glad you’re enjoying the book! I don’t recall right now how deeply it goes into pivoting, so the only thing you might want to add besides the book itself is reading up on SSH pivoting (there are plenty of OSCP-related articles on that).
@hva I will look into that. I added a post asking the community for more material like you suggested. If you have any more it would be greatly appreciated.