Bugtraq mailing list archives

Re: SSH & xauth
From: dbt () MEAT NET (David Terrell)
Date: Fri, 25 Feb 2000 14:08:21 -0800

On Thu, Feb 24, 2000 at 05:31:35PM -0500, Brian Caswell wrote:
> The only thing that is required for the client system to be compromised
> is for the client to remotely log via ssh (with X11 forwarding enabled)
> into a compromised server.

And of course the sshd binary can be trojaned, your agent connections can
be hijacked, passwords logged, etc.

So add ForwardAgent no to that host * stanza, only log in with an RSA
identity, and run ssh -v to see if anything weird happens.

The SSH protocol trusts the server.  If you don't, tread very carefully.

David Terrell             | "Any sufficiently advanced technology
Prime Minister, Nebcorp   | is indistinguishable from a rigged demo."
dbt () meat net              |  - Brian Swetland
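
Added example, not part of the original post: a small audit of the advice to put ForwardAgent no in the host * stanza. ssh_config uses the first value it obtains for each option, so a per-host "yes" above the catch-all stanza still wins; the sketch below resolves the effective ForwardAgent and ForwardX11 values per host. The sample config and host names are constructed, Match and Include are not handled, and Python's fnmatch is used as an approximation of ssh's pattern matching.

```python
import fnmatch

# Constructed sample ssh_config (not from the original post).
SAMPLE_CONFIG = """\
Host build.example.org
    ForwardAgent yes
Host *.example.org
    ForwardX11 yes
Host *
    ForwardAgent no
    ForwardX11 no
"""
WATCHED = ("forwardagent", "forwardx11")


def host_matches(patterns, host):
    """A Host line matches if a positive pattern hits and no negated one does."""
    pos = any(fnmatch.fnmatchcase(host, p) for p in patterns if not p.startswith("!"))
    neg = any(fnmatch.fnmatchcase(host, p[1:]) for p in patterns if p.startswith("!"))
    return pos and not neg


def effective_forwarding(config_text, host):
    """Resolve the watched options for `host`; None means not set in this file.

    The first value obtained wins, so later stanzas never override earlier ones.
    """
    result = dict.fromkeys(WATCHED)
    active = True  # options before the first Host line apply to every host
    for raw in config_text.splitlines():
        parts = raw.replace("=", " ", 1).split()  # "Key value" or "Key=value"
        if not parts or parts[0].startswith("#"):
            continue
        keyword, args = parts[0].lower(), parts[1:]
        if keyword == "host":
            active = host_matches(args, host)
        elif active and keyword in WATCHED and args and result[keyword] is None:
            result[keyword] = args[0].lower()
    return result


def audit(config_text, hosts):
    """Map each host to the watched options that resolve to 'yes'."""
    findings = {}
    for host in hosts:
        opts = effective_forwarding(config_text, host)
        enabled = [k for k, v in opts.items() if v == "yes"]
        if enabled:
            findings[host] = enabled
    return findings
```

With the constructed sample, build.example.org still forwards the agent and X11, and www.example.org still forwards X11, even though the final stanza says no to both.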
