[svlug] Configuring Server - SSH Trouble + Security Considerations

ericv ericv at cruzio.com
Thu Oct 26 17:59:54 PDT 2006

On Thu, 26 Oct 2006 17:51:45 -0700, Rick Moen wrote
> Quoting Don Marti (dmarti at zgp.org):
> > Is there a way for you, the administrator of the
> > server, to tell ssh hopping, like this:
> > 
> >   ssh -At lron.example.edu ssh xenu.linuxmafia.com
> > 
> > from risky private key copying?
> Sorry, I really don't.
> Please note, as well, that using globally unique (across systems) access
> tokens -- either passwords or keypairs -- in no way defeats the
> token-stealing routine I described.  Not at all.  This is a problem
> because I'm _reasonably_ certain it's now the standard method among 
> script-kiddies.
> Basically, it's an inevitably consequence of the fact that an SSH tunnel
> is only as trustable as both endpoints' security plus that of the tunnel
> itself.  If you distrust one of the endpoints, the best you can do is
> either (1) never expose tokens there (but rather only at the other 
> end),
> (2) S/Key or OPIE OTP authetication, or (3) a SecureID fob or equivalent.

That's why I always pushed content to my web wervers via SSH rather than allow
them to pull.  Similar for lightweight backup jobs.  Even though I locked them
down tight, they were always considered "ceremonially unclean".

Eric N. Valor
(sent from my web client)

More information about the svlug mailing list