vulnerability with ssh-agent
Keld Jørn Simonsen
keld at dkuug.dk
Thu Jul 15 05:09:54 EST 2004
Michael Stevens wrote:
> If its in memory, you should assume that root can see it.
yes, that is of cause true, but I am not sure that the dsa key
is in the memory of the ssh-agent, and I am not sure that it will be
easily visible. I had a try if I could find my dsa key in the /proc/pid/exe
file of the ssh-agent with strings, but I could not find it.
Does anybody know if ssh-agent has the keys stored in memory, and how?
best regards
keld
More information about the openssh-unix-dev
mailing list