Is it possible to steal your SSH key?
Gordon Messmer
yinyang at eburg.com
Mon Feb 26 23:45:23 UTC 2007
Peter Kiem wrote:
>
> If you connect to a compromised server using SSH keys (not passwords) is
> it possible for the compromised server to record your SSH key so they
> can use it on other servers you log into?
No, but if you forward your SSH agent to a compromised server, an
attacker could use your agent to log in to other hosts for as long as
you were connected to the host that he controlled. Once you disconnect,
he could no longer establish new connections to other hosts.
The biggest danger in that situation is that if your agent has the
credentials to log in to your workstation, the attacker could do so, and
then continue using your agent after you disconnect from the compromised
host.
More information about the users
mailing list