Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- solid backdoor using certificates?
November 14, 2003, 9:25 pm
rate this thread
- Server running SSH2 with logon with signatures using "authorized_keys" for
- Someone hacked the system (somehow - doesn't matter here) and gained root
What if he'd paste his own public signature in ALL .ssh/authorized_keys
files he can find,
making it possible for him to use ALL those users as backdoors to come back
usually, he would have created his own user (in /etc/passwd) which is quite
locate if you're the admin.
BUT with signatures (and the hacker's public-key in place), he'd be able to
even if all users changed their local passwords OR even the local
passphrases for their private
I'd consider this quite a vulnerability - or am I mistaken?
Re: solid backdoor using certificates?
*sigh* - I am totally aware of that, BUT what I meant was, that if the
hacker was able to break in unnoticed, he would be able to keep silent - and
way easier than having to modify "passwd" and "shadow" to open a backdoor...
(I am not talking about the "breaking-in" part, but about the
"staying-unnoticed" part of intrusion)
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum