Question about Zeroise sensitive data on client exit on server side.

Mahoda Ratnayaka mahodardev at gmail.com
Tue Jul 26 14:03:48 AEST 2016


Hi,

I was trying to understand the Zeroise process for the ssh server when a client
leaves due to a connection close, a timeout, or other cases. And
I noticed that when the client leaves, the following function on the server,
cleanup_exit, will get called.

From my understanding, this function will close all the user authentication
related things and then will exit the server process forked for that client
connection. I added some debug to the ssh_packet_close function, but I could
not see this being hit in this case.

So, just out of interest, I would like to know why the sensitive information
on the server side is not zeroised, because I can see that ssh_packet_close
was getting hit on the client side.

Thanks,
Mahoda

