Use of OpenSSH support for remote login to a multilevel secure system

Abstract

Complex multilevel secure (MLS) architectures are emerging that require user identification and authentication services not only from multilevel connections, but from pre-existing single level networks. The XTS-400 can be used as a server in such environments. Trusted devices are required for user login via multilevel connections; however, single level remote login facilities do not require such client-side devices. Instead, a more lightweight mechanism is possible. Remote login capabilities do not exist on the XTS-400 for use over the single level networks and this capability is a desired feature for use in complex multilevel architectures. OpenSSH is an application, developed for OpenBSD, that uses the SSH protocol to provide secure remote logins and an interactive command interface. A secure remote login application, OpenSSH, was ported to the XTS-400 in order to provide remote login capabilities. The porting process identified differences between the original development platform for OpenSSH and the XTS- 400. Solutions, in the form of source code modifications, were made to overcome problems resulting from the compatibility differences encountered during the port. Testing was conducted to ensure that the port was successful and did not violate any security policies enforced by the XTS-400.