Re: Is it possible to steal your SSH key?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Peter Kiem wrote:
If you connect to a compromised server using SSH keys (not passwords) is
it possible for the compromised server to record your SSH key so they
can use it on other servers you log into?
No, but if you forward your SSH agent to a compromised server, an
attacker could use your agent to log in to other hosts for as long as
you were connected to the host that he controlled. Once you disconnect,
he could no longer establish new connections to other hosts.
The biggest danger in that situation is that if your agent has the
credentials to log in to your workstation, the attacker could do so, and
then continue using your agent after you disconnect from the compromised
host.
[Index of Archives]
[Current Fedora Users]
[Fedora Desktop]
[Fedora SELinux]
[Yosemite News]
[Yosemite Photos]
[KDE Users]
[Fedora Tools]
[Fedora Docs]