[Gllug] ssh brute force attacks
Jose Luis Martinez
jjllmmss at googlemail.com
Wed Dec 10 16:30:47 UTC 2008
2008/12/10 Robert McKay <robert at mckay.com>:
<snip>
>
> If you were still running an ssh-agent with the keys loaded it is
> possible to extract (the unencrypted versions of) them by attaching a
> debugger to the process (requires root access because it disables
> non-root ptrace'ing).
Some places don't install ssh-agent for this reason.
<snip>
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list