Re: authorized_keys and security
From: Alex (alex.ferguson_at_NOSPAMdartmouth.edu)
Date: 05/28/03
Date: Tue, 27 May 2003 21:05:05 -0400
On 27 May 2003 23:30:22 GMT
Neil W Rickert <rickert+nn@cs.niu.edu> wrote:
> Boris Glawe <boris@boris-glawe.de> writes:
>
> >I've got a question concerning security.
> >The files ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub contain the private and
> >the public keys, used for authentication.
>
> >Is it right, that anybody with root access - be this a sysadmin or a
> >hacker - has access to those files ?
>
> Right.
>
> >He/She could copy the files to its own home directory and could login to
> >my areas !?
>
> Only if you foolishly chose to use keys not protected by a good pass
> phrase.
Well, if you don't trust root you can suppose he's trojaned the ssh executable and logs your keystrokes and inserts random commands in your outgoing shell sessions and does a million other terrible things. You shouldn't give any passwords or store any private information on a machine with an untrustworthy root. So, the passphrase protected keys really don't give you security on this machine; in fact nothing will afaik. It's a cruel world out there :)
--Alex
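
As an added illustration (not part of the original thread), a small Python check of whether a private key file such as `~/.ssh/id_dsa` is stored passphrase-encrypted, which is the condition Neil's reply depends on. It goes beyond the 2003 case by also reading the later `openssh-key-v1` container; the sample keys are constructed header-only stubs, and the function name `key_protection` is hypothetical. It reports only how the file is stored on disk and says nothing about whether the host itself can be trusted.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"  # magic of the newer OpenSSH private key container

def key_protection(pem_text):
    """Return 'encrypted', 'plaintext' or 'unknown' for a private key file's text."""
    lines = [l.strip() for l in pem_text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN "):
        return "unknown"
    label = lines[0][len("-----BEGIN "):].rstrip("-").strip()
    if label == "ENCRYPTED PRIVATE KEY":        # PKCS#8 encrypted form
        return "encrypted"
    if label == "OPENSSH PRIVATE KEY":
        body = "".join(l for l in lines[1:] if not l.startswith("-----"))
        try:
            blob = base64.b64decode(body)
        except ValueError:                      # bad padding or alphabet
            return "unknown"
        off = len(MAGIC)
        if not blob.startswith(MAGIC) or len(blob) < off + 4:
            return "unknown"
        (n,) = struct.unpack(">I", blob[off:off + 4])
        cipher = blob[off + 4:off + 4 + n]      # first field: cipher name
        if len(cipher) != n:
            return "unknown"
        return "plaintext" if cipher == b"none" else "encrypted"
    if label.endswith("PRIVATE KEY"):           # legacy PEM: DSA, RSA, EC
        # An encrypted legacy key carries RFC 1421 headers before the base64 body.
        headers = [l.replace(" ", "") for l in lines[1:] if ":" in l]
        if any(h.startswith("Proc-Type:4,ENCRYPTED") for h in headers):
            return "encrypted"
        return "plaintext"
    return "unknown"

# Constructed samples: correct framing only, the bodies are not real key material.
LEGACY_PLAIN = "-----BEGIN DSA PRIVATE KEY-----\nAAAA\n-----END DSA PRIVATE KEY-----\n"
LEGACY_ENC = ("-----BEGIN DSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
              "DEK-Info: DES-EDE3-CBC,0000000000000000\n\nAAAA\n"
              "-----END DSA PRIVATE KEY-----\n")

def sample_openssh(cipher):
    """Build a constructed openssh-key-v1 stub that stops after the cipher name."""
    blob = MAGIC + struct.pack(">I", len(cipher)) + cipher
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + base64.b64encode(blob).decode()
            + "\n-----END OPENSSH PRIVATE KEY-----\n")

if __name__ == "__main__":
    for name, text in [("legacy plain", LEGACY_PLAIN), ("legacy enc", LEGACY_ENC),
                       ("openssh none", sample_openssh(b"none")),
                       ("openssh aes", sample_openssh(b"aes256-ctr"))]:
        print(name, "->", key_protection(text))
```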