[Novalug] SSH security - agent + x forwarding
Nick Danger
nick@hackermonkey.com
Mon Mar 19 14:02:37 EDT 2012
Reading the SSH mastery book and got to the chapter on port/agent
forwarding. I understand that in theory, forwarding a copy of my key
could let someone have access to memory where my key is now stored
(unlocked). Has there ever been an exploit for this? Not that a plan on
forwarding my key around to systems I don't trust, but was curious.
And how about allowing X? Again, it said that forwarding X connections
could allow someone on the remote server to forward you X output, I
guess in theory to take control. Has this ever been proven either?
How about with a socks proxy, couldn't in theory the sysadmin of machine
shell.x.com that you are bouncing your HTTP traffic sit and watch your
traffic real time/real display? I don't mean tcpdump time, I mean start
a browser and watch what you do.
Just being curious. And slightly paranoid.
Nick
More information about the Novalug
mailing list