摘要
安全Shell(SSH:Secure Shell)是一种应用层的安全通信协议,提供通信双方相互间身份的认证、通信数据的加解密处理、数据完整性校验等多种安全服务,按照其实现的功能,可归为一种应用层的虚拟专用网(VPN)协议。本文概要说明了SSH协议的基本概念,然后对SSH会话从发起到结束的整个过程,以及扩展协议进行了深入细致的研究和分析,归纳总结了SSH协议本身存在的若干缺陷和不足,并提出一系列实际操作过程中可以参考的建议;对部分安全漏洞,特别是对缓冲区溢出漏洞,进行了研究、分析,修改了其脆弱性,弥补了漏洞,并嵌入了质询-响应认证方法;同时,根据实际应用的需求,基于Windows平台,实现了SSH协议,方便了系统管理和提高了SSH的可用性。
Safety Shell (SSH : Secure Shell) is an application layer security protocol, provides communication between the two sides of identity authentication, communications data encryption, data integrity verification, and other security services, according to its function, falls into an Application Layer Virtual Private Network (VPN) protocol. This Paper outlines the SSH protocol basic concepts, then launchs from SSH sessions to the end of the whole process and the expansion of the agreement in detail the research and analysis; SSH summarizes the agreement, there is a number of shortcomings and deficiencies, and related work experience, and proposes the proposal that a series of actual work process can refer to;researchs and analyzes some security loopholes, especially for Buffer Overflow Vulnerability, revises its vulnerability to make up for the loopholes, and has embedded authentication methods in response to a question the. In addition, according to the actual needs of the application, based on the Windows platform for the SSH protocol to facilitate management and improve the availability of SSH.
出处
《计算机科学》
CSCD
北大核心
2008年第4期85-87,90,共4页
Computer Science
