Re: doing an ssh into a compromised host

To: debian-security@lists.debian.org
Subject: Re: doing an ssh into a compromised host
From: Dariush Pietrzak <eyck@forumakad.pl>
Date: Wed, 3 Nov 2004 23:43:22 +0100
Message-id: <20041103224322.GB6455@forumakad.pl>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <20041103215517.GB19843@pimlott.net>
References: <Pine.LNX.4.44.0411020827540.3154-100000@stalker.iGuide.co.il> <20041102082913.GA14429@albatross.madduck.net> <20041102121437.GB13347@khazad-dum.debian.net> <20041103002045.GZ19843@pimlott.net> <1696143562.20041103101722@quintic.co.uk> <20041103215517.GB19843@pimlott.net>

> Thanks for the idea.  However, ssh-agent has to speak the ssh-agent
> challenge-response protocol, and provides no way to call out to another
> program for pass-phrases.  So hooking it up to quintuple-agent would
> require some work, I believe.
it would be easier to hack ssh-agent to pop up a message 
  'host sth requested auth .. grant yes/no?'
(although hack would be easy, doing this correctly may require some work)

-- 
Dariush Pietrzak,
Key fingerprint = 40D0 9FFB 9939 7320 8294  05E0 BCC7 02C4 75CC 50D9

Reply to:

References:
- doing an ssh into a compromised host
  - From: Vassilii Khachaturov <vassilii@tarunz.org>
- Re: doing an ssh into a compromised host
  - From: martin f krafft <madduck@debian.org>
- Re: doing an ssh into a compromised host
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: doing an ssh into a compromised host
  - From: Andrew Pimlott <andrew@pimlott.net>
- Re: doing an ssh into a compromised host
  - From: Marcus Williams <marcus@quintic.co.uk>
- Re: doing an ssh into a compromised host
  - From: Andrew Pimlott <andrew@pimlott.net>

Prev by Date: Re: doing an ssh into a compromised host
Next by Date: Re: TCP SYN packets which have the FIN flag set.
Previous by thread: Re: doing an ssh into a compromised host
Next by thread: Re: doing an ssh into a compromised host
Index(es):
- Date
- Thread