[Gllug] ssh brute force attacks

[Jose Luis Martinez]

2008/12/10 Robert McKay <robert at mckay.com>:
<snip>
>
> If you were still running an ssh-agent with the keys loaded it is
> possible to extract (the unencrypted versions of) them by attaching a
> debugger to the process (requires root access because it disables
> non-root ptrace'ing).

Some places don't install ssh-agent for this reason.
<snip>
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug