Re: ssh host keys on cloned virtual machines

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

Hey.

Keep in mind that when you clone the template image and replace/delete
the template image's SSH host keys (and the same applies to other such
key material as well) in the clone... then chances are good that the
data is nevertheless still accessible from within the clone (depending
on the used fs, whether DISCARD is used, IO patterns and so on).

If the subsequent owner of the clone is not fully trustworthy, and
extraction of the template image's keys might be possible and could be
used in subsequent attacks.


Cheers,
Chris.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux