IronJumbo68@lemmy.world to

Linux@lemmy.worldEnglish · 9 days ago

SSH backdoor infection

6

6

SSH backdoor infection

IronJumbo68@lemmy.world to

Linux@lemmy.worldEnglish · 9 days ago

6

https://blog.thc.org/infecting-ssh-public-keys-with-backdoors

I am not a security expert and I wonder:

Does the described method infect the remote or local machine (from which I connect)?
Can this method be prevented? For example, correctly configuring your etc/ssh/ssh_config

It seems that every VPS supplier can hack you? The description shows that AWS does “harmless”, but what if my hosting is a bad actor?

Chat

treadful@lemmy.zip
link
fedilink
English
arrow-up
5·
9 days ago

OpenSSH has an unsung feature to execute a command (instead of a Shell) when a user successfully logs in.

It’s remote.

Also, it’s not really that exciting. They already would need access to your account. It would be very obvious when copying it as well.

Linux@lemmy.world

linux@lemmy.world

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you’re a seasoned Linux enthusiast or just starting your journey, we’re excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let’s dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.
Be respectful: Treat fellow community members with respect and courtesy.
Quality over quantity: Share informative and thought-provoking content.
No spam or self-promotion: Avoid excessive self-promotion or spamming.
No NSFW adult content
Follow general lemmy guidelines.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

356 users / day
579 users / week
2.65K users / month
5.48K users / 6 months
1 local subscriber
12.4K subscribers
1.06K Posts
8.04K Comments
Modlog

mods:
MigratingtoLemmy@lemmy.world