Re: doing an ssh into a compromised host

To: debian-security@lists.debian.org
Subject: Re: doing an ssh into a compromised host
From: martin f krafft <madduck@debian.org>
Date: Tue, 2 Nov 2004 15:39:40 +0100
Message-id: <20041102143940.GA21319@cirrus.madduck.net>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <20041102095319.GB19771@forumakad.pl>
References: <Pine.LNX.4.44.0411020827540.3154-100000@stalker.iGuide.co.il> <20041102082913.GA14429@albatross.madduck.net> <20041102084755.GA19771@forumakad.pl> <20041102094218.GA10844@cirrus.madduck.net> <20041102095319.GB19771@forumakad.pl>

also sprach Dariush Pietrzak <eyck@forumakad.pl> [2004.11.02.1053 +0100]:
>  hmm, but in /tmp/ssh* there's just a socket... so when agent is gone, what
> good is that file?

Fine, so the other hosts are only accessible while you are logged
in. Should be enough to hijack them...

-- 
Please do not send copies of list mail to me; I read the list!
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, user, and author
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- doing an ssh into a compromised host
  - From: Vassilii Khachaturov <vassilii@tarunz.org>
- Re: doing an ssh into a compromised host
  - From: martin f krafft <madduck@debian.org>
- Re: doing an ssh into a compromised host
  - From: Dariush Pietrzak <eyck@forumakad.pl>
- Re: doing an ssh into a compromised host
  - From: martin f krafft <madduck@debian.org>
- Re: doing an ssh into a compromised host
  - From: Dariush Pietrzak <eyck@forumakad.pl>

Prev by Date: Re: ssh chroot on debian documentation
Next by Date: Re: doing an ssh into a compromised host
Previous by thread: Re: doing an ssh into a compromised host
Next by thread: Re: doing an ssh into a compromised host
Index(es):
- Date
- Thread