On Mon, 20 Jan 2020, Stephen Harris wrote:

> On Tue, Jan 21, 2020 at 11:08:51AM +1100, Damien Miller wrote:
> > So IMO disallowing session multiplexing is at most a speedbump that an
> > attacker will cross with relative ease. Speedbumps make sense sometimes,
>
> An attacker getting root on the jumphost gets immediate control of
> any _current_ persistent connections and new connections. Without
> ControlMaster it's a _lot_ harder to take control of current connections,
> but pretty easy to subvert new connections.

I wouldn't say it's a lot harder to take control of current connections -
writing a ptrace-based tool that hijacked a running ssh client and injected
a one-off implant payload via keystrokes doesn't seem like much work.

-d