[Novalug] SSH security - agent + x forwarding

Nick Danger nick@hackermonkey.com
Mon Mar 19 14:02:37 EDT 2012


Reading the SSH mastery book and got to the chapter on port/agent 
forwarding. I understand that in theory, forwarding a copy of my key 
could let someone have access to memory where my key is now stored 
(unlocked). Has there ever been an exploit for this? Not that a plan on 
forwarding my key around to systems I don't trust, but  was curious.

And how about allowing X? Again, it said that forwarding X connections 
could allow someone on the remote server to forward you X output, I 
guess in theory to take control.  Has this ever been proven either?

How about with a socks proxy, couldn't in theory the sysadmin of machine 
shell.x.com that you are bouncing your HTTP traffic sit and watch your 
traffic real time/real display? I don't mean tcpdump time, I mean start 
a browser and watch what you do.

Just being curious. And slightly paranoid.

Nick



More information about the Novalug mailing list