Hi,
Just wondering something...
If you connect to a compromised server using SSH keys (not passwords) is it possible for the compromised server to record your SSH key so they can use it on other servers you log into?
Opinions?
On Mon, 26 Feb 2007, Peter Kiem wrote:
Hi,
Just wondering something...
If you connect to a compromised server using SSH keys (not passwords) is it possible for the compromised server to record your SSH key so they can use it on other servers you log into?
Opinions?
Nope, at least not directly. When you log in your private key is not sent to the server. Instead signed data is sent to the server. The signature is then verified with the corresponding public key on the server. In the case of a compromised server the best a would be thief would have is data and a signature. Determining the private key with this info is basically deemed cryptographically infeasible.
Peter Kiem wrote:
If you connect to a compromised server using SSH keys (not passwords) is it possible for the compromised server to record your SSH key so they can use it on other servers you log into?
No, but if you forward your SSH agent to a compromised server, an attacker could use your agent to log in to other hosts for as long as you were connected to the host that he controlled. Once you disconnect, he could no longer establish new connections to other hosts.
The biggest danger in that situation is that if your agent has the credentials to log in to your workstation, the attacker could do so, and then continue using your agent after you disconnect from the compromised host.
-
Gordon Messmer -
Mike -
Peter Kiem