Fedora Users — Re: Is it possible to steal your SSH key?

Re: Is it possible to steal your SSH key?

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: For users of Fedora <fedora-list@xxxxxxxxxx>

Subject: Re: Is it possible to steal your SSH key?

From: Gordon Messmer <yinyang@xxxxxxxxx>

Date: Mon, 26 Feb 2007 15:45:23 -0800

In-reply-to: <45E26FB3.6020005@xxxxxxxxxx>

References: <45E26FB3.6020005@xxxxxxxxxx>

Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>

User-agent: Thunderbird 1.5.0.9 (X11/20070102)

Peter Kiem wrote:

If you connect to a compromised server using SSH keys (not passwords) isit possible for the compromised server to record your SSH key so theycan use it on other servers you log into?

No, but if you forward your SSH agent to a compromised server, anattacker could use your agent to log in to other hosts for as long asyou were connected to the host that he controlled. Once you disconnect,he could no longer establish new connections to other hosts.

The biggest danger in that situation is that if your agent has thecredentials to log in to your workstation, the attacker could do so, andthen continue using your agent after you disconnect from the compromisedhost.