Re: [swinog] hosting for 1 powersupply with lan port

[Stanislav Sinyagin]

>________________________________
> From: Jeroen Massar <jer...@unfix.org>
>
>On 2 Jun 2012, at 05:49, Stanislav Sinyagin <ssinya...@yahoo.com> wrote:
>
>
>
>When I'm logged in to the VPS, I can do 
>>
>>  ssh -A ssinyagin@1.2.3.4
>>with this command, the server 1.2.3.4 authenticates me through my public key, 
>>and the VPS acts as the SSH agent proxy. So, if that server has my public key 
>>in .ssh/authorized_keys, I'm easily in, and no security breach on the VPS 
>>would affect my security.
>
>
>Unless the attacker is on the jumpbox as root as then they can also forward in 
>the same way, but this should not happen ofcourse ;)


yes, in theory if the attacker is logged in as root, then during my SSH session 
they may make an SSH connection using my credentials. But it would be difficult 
to stay unnoticed, and it's only possible while I'm logged in.


_______________________________________________
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog