Re: doing an ssh into a compromised host

To: debian-security@lists.debian.org
Subject: Re: doing an ssh into a compromised host
From: "Volker Tanger" <volker.tanger@detewe.de>
Date: Tue, 2 Nov 2004 09:39:11 +0100
Message-id: <20041102093911.0843afc3.volker.tanger@detewe.de>
In-reply-to: <Pine.LNX.4.44.0411020827540.3154-100000@stalker.iGuide.co.il>
References: <Pine.LNX.4.44.0411020827540.3154-100000@stalker.iGuide.co.il>

Greetings!

On Tue, 2 Nov 2004 08:59:07 +0200 (IST) Vassilii Khachaturov
<vassilii@tarunz.org> wrote:
> I have been doing ssh into the box. THe client is set up not to
> request the X forwarding by the default. When I try "ssh -v" now, I
> observe no X forwarding being established, whereas "ssh -X -v"  does
> establish X. Question is, could the server have forced an X forwarding
> on me (w/o my knowledge) having sniffed my local keystrokes? 

You could force the SSH client to *not* forward X11 with -x 
(the low-caps x char) regardless other client/server-side
specifications. If you do not specify any other special 
forwarding (-L or -R) then there will be no forwarding.

HTH

Volker Tanger
ITK Security

Reply to:

Follow-Ups:
- Re: doing an ssh into a compromised host
  - From: Vassilii Khachaturov <vassilii@tarunz.org>

References:
- doing an ssh into a compromised host
  - From: Vassilii Khachaturov <vassilii@tarunz.org>

Prev by Date: Re: doing an ssh into a compromised host
Next by Date: Re: doing an ssh into a compromised host
Previous by thread: Re: doing an ssh into a compromised host
Next by thread: Re: doing an ssh into a compromised host
Index(es):
- Date
- Thread