Re: Is it possible to steal your SSH key?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Peter Kiem wrote:
If you connect to a compromised server using SSH keys (not passwords) is it possible for the compromised server to record your SSH key so they can use it on other servers you log into?
No, but if you forward your SSH agent to a compromised server, an attacker could use your agent to log in to other hosts for as long as you were connected to the host that he controlled. Once you disconnect, he could no longer establish new connections to other hosts.
The biggest danger in that situation is that if your agent has the credentials to log in to your workstation, the attacker could do so, and then continue using your agent after you disconnect from the compromised host.
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux