picoCTF Solutions
PathPart of the General Skills path · Step 1 of 4: Linux and Remote Access
picoCTF 2024General SkillsEasy

Super SSH

Published: April 3, 2024

Description

Using a Secure Shell (SSH) is going to be pretty important. Can you ssh as ctf-player to titan.picoctf.net at port 65080 to get the flag? You'll also need the password 6dd28e9b. If asked, accept the fingerprint with yes. If your device doesn't have a shell, you can use: https://webshell.picoctf.org If you're not sure what a shell is, check out our Primer: https://primer.picoctf.com/#_the_shell

Setup

SSH basics

Ensure you have an SSH client (native shell or webshell).

Use the provided password 6dd28e9b when prompted.

Solution

  1. Step 1Run ssh
    Specify the username, host, and port 65080. Accept the fingerprint the first time you connect.
    ssh ctf-player@titan.picoctf.net -p 65080
    Learn more

    SSH (Secure Shell) is the standard protocol for encrypted remote login to servers over a network. It replaced older plaintext protocols like Telnet and rlogin. The ssh command takes the form ssh user@host -p port, where -p specifies a non-default port (default is 22).

    On first connection to a host, SSH shows you the server's host key fingerprint - a hash of its public key - and asks you to confirm. This prevents man-in-the-middle attacks: once you accept and store the fingerprint, SSH will warn you if it ever changes unexpectedly. In a CTF setting it is safe to accept; in production you should verify the fingerprint through a trusted out-of-band channel.

    • The accepted fingerprint is stored in ~/.ssh/known_hosts on your machine.
    • SSH supports both password authentication and public-key authentication; public-key is preferred in production because it eliminates password brute-force risk.
    • The -i keyfile flag specifies a private key file for public-key auth - you will see this in later picoCTF SSH challenges.
  2. Step 2Enter the password
    Type 6dd28e9b (input is hidden). The remote shell prints the flag immediately.
    Learn more

    SSH password authentication sends your password to the server in encrypted form - it is not transmitted in plaintext. However, it is still weaker than public-key authentication because it is vulnerable to brute-force attacks if the server allows unlimited attempts, and because password reuse across services is common.

    When you log in, the remote server executes whatever is configured as your shell or login program. In this challenge, that program simply prints the flag and exits rather than dropping you into an interactive shell. This is a common CTF pattern using a restricted shell or a custom login script.

    In real-world infrastructure, SSH is used for remote server administration, tunneling (port forwarding), file transfer (scp, sftp), and as the transport layer for tools like Ansible and rsync. Knowing SSH well is one of the most practically valuable skills in both CTF and professional security work.

Related guides

Linux Command Line Basics for CTF

New to the terminal? This guide covers the commands used across every General Skills challenge, including SSH, file inspection, and text searching.

Beginner's Guide to Netcat for CTFs

Most picoCTF remote challenges use nc. Learn how to connect, pipe payloads, and script interactions with pwntools.

Flag

picoCTF{s3cur3_c0nn3ct10n_5d...}

Successful login immediately reveals the flag.

Want more picoCTF 2024 writeups?

Browse picoCTF 2024Full library

Useful tools for General Skills

Related reading

What to try next