[Cialug] ssh oddness
Zachary Kotlarek
zach at kotlarek.com
Tue Nov 11 15:50:39 CST 2008
On Nov 11, 2008, at 3:44 PM, Aaron Porter wrote:
> Others have answered the what and how, FYI the WHY is to reduce the
> usefullnes of a single compromised account for launching attacks
> against other hosts using shared credentials. It seems that most users
> with bad passwords and/or insecure ssh-keys tend to reuse those same
> bad credentials as often as they are allowed.
Even if your account is not comprised it's still a good idea. The
known_hosts file is typically world-readable, so anyone/anything with
local file access (think broken web server) could read it and provide
an attacker a list of hosts that are known to accept SSH connections
from the current machine, and a good guess at a valid username for
that host.
Zach
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2746 bytes
Desc: not available
Url : http://cialug.org/pipermail/cialug/attachments/20081111/89ba137b/smime.bin
More information about the Cialug
mailing list