also sprach Vassilii Khachaturov <vassilii@tarunz.org> [2004.11.02.0759 +0100]: > I have been doing ssh into the box. THe client is set up not to > request the X forwarding by the default. When I try "ssh -v" now, > I observe no X forwarding being established, whereas "ssh -X -v" > does establish X. Question is, could the server have forced an > X forwarding on me (w/o my knowledge) having sniffed my local > keystrokes? FWIW, I have been doing "ssh-add" and then ssh w/o > a need to enter any password during the authentication with the > compromised remote host. If you forward your agent (-A, or ForwardAgent yes), then the attacker now probably has access to all machines where the SSH key you used has access. I am unaware of a way to hijack X Forwarding in the way you describe. -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
Attachment:
signature.asc
Description: Digital signature