undefined | Better HN

0 pointszobzu13y ago0 comments

I'm not sure if I understand what you're saying, or if _you_ understand what you're talking about to be honest.. ;-)

If you need to access a server you'll always need a computer. authorized_keys are public keys only. it does not matter if other computers have your public key. all it does is give you access.

the private key of your ssh key(s) give access to several servers, thats why its the part that you want to protect. if one server has a rootkit, well, that sucks. but if that rootkited server can access all the servers YOU can access, you're screwed.

0 comments

1 comments · 1 top-level

mentat13y ago

He's saying a latent program could hijack your established ssh connection to add another public key corresponding with an attackers private key to get long term access.

j / k navigate · click thread line to collapse