Connection caching?
Ben Lindstrom
mouring at etoh.eviladmin.org
Wed May 5 23:50:29 EST 2004
On Wed, 5 May 2004, Jefferson Ogata wrote:
> Now you add connection caching, and the compromise is no longer contained. If
> the user is legitimately logged from the gateway into the secure system, the
> intruder can now log in to the secure system, as many times as he likes.
>
I think Damien/Markus would agree when I say that the user would have to
enable such a thing for it to be used. Either via a ssh_config or via
a commandline option. Much like how X11 sessions are.
Why would a user do such a thing on a machine as you describe? What gain
do they get? I see none.
- Ben
More information about the openssh-unix-dev
mailing list