Security implications of using ControlMaster

Damien Miller djm at
Tue Jan 21 12:18:52 AEDT 2020

On Mon, 20 Jan 2020, Stephen Harris wrote:

> On Tue, Jan 21, 2020 at 11:08:51AM +1100, Damien Miller wrote:
> > So IMO disallowing session multiplexing is at most a speedbump that an
> > attacker will cross with relative ease. Speedbumps make sense sometimes,
> An attacker getting root on the jumphost gets immediate control of
> any _current_ persistent connections and new connections.  Without
> ControlMaster it's a _lot_ harder to take control of current connections,
> but pretty easy to subvert new connections.

I wouldn't say it's a lot harder to take control of current connections -
writing a ptrace-based tool that hijacked a running ssh client and
injected a one-off implant payload via keystrokes doesn't seem like
much work.


More information about the openssh-unix-dev mailing list