[Gllug] ssh brute force attacks
Joel Bernstein
joel at fysh.org
Wed Dec 10 16:33:43 UTC 2008
2008/12/10 Jose Luis Martinez <jjllmmss at googlemail.com>:
> 2008/12/10 Robert McKay <robert at mckay.com>:
> <snip>
>>
>> If you were still running an ssh-agent with the keys loaded it is
>> possible to extract (the unencrypted versions of) them by attaching a
>> debugger to the process (requires root access because it disables
>> non-root ptrace'ing).
>
> Some places don't install ssh-agent for this reason.
Some places probably also make their developers whistle down the
phoneline because computers are inherently insecure. On the whole I
prefer working at companies with a sensible attitude to keeping out of
my way and letting me write some code.
Obviously there are different metrics and requirements for different
usecases and environments but I hesitate at the idea that you're going
to withhold access to tools which make my life easier because a
root-compromised machine could be used to steal passphrases. If the
machine is compromised to that degree, you already lost the game.
My $0.02 anyway.
/joel
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list