On Sun, Jul 27, 2014 at 08:40:03AM -0700, tony mancill wrote: > It seems like with Ganneff's trigger mechanism, one attack vector is to > steal a backup of the passphraseless key and spoof the source IP - now > you can run the trigger at will. Having a passphrase on the key could > at least slow the attacker down. I could imagine using ssh-cron > together with "command=" for a higher level of security. Uhm, spoof the source IP? This is not UDP, you'd also need to get traffic back redirected to you. Kind regards Philipp Kern
Attachment:
signature.asc
Description: Digital signature