[nycbug-talk] Analyzing malicious SSH login attempts
george at galis.org
Tue Sep 12 13:24:51 EDT 2006
On Tue, Sep 12, 2006 at 12:29:53PM -0400, michael wrote:
>On Tue, 12 Sep 2006 11:52:26 -0400
>csnyder <chsnyder at gmail.com> wrote:
>> But you encrypted that key using a strong passphrase, right? They
>> would have to get your desktop while ssh-agent was running.
>well.. I don't shut down my home PC when I walk away. It is usually
>running. But I do lock the apartment door [grin].
you do lock the screen, logout, or otherwise make the agent
Use usb dive (with your private key), on your keychain, yes.
There was some resolution (at openbsd I think) to encrypt
the known_hosts entries with the remote host public key;
so if your authentication was compromised, at least there
wouldn't be a list a hosts for the attacker to look up.
But I've not seen it in my OS yet.
Maybe something similar should be done with .ssh/config?
George Georgalis, systems architect, administrator <IXOYE><
More information about the talk