Web Hosting Talk







View Full Version : Leaving SSH session open?


doug357
08-07-2002, 10:58 PM
Hello,

Are there any security issues with leaving an SSH session open? For example, if I walk away for an hour or several hours, should I kill the session?

I would assume I am safe, but I have never been told either way.

Thanks

Qgyen
08-07-2002, 11:07 PM
Well, if nobody is going to be using the computer, then there is no harm in leaving it open.

JTY
08-07-2002, 11:07 PM
As long as no one has access to your computer, you're fine.

apollo
08-08-2002, 10:29 AM
I suggest you set up filters and rules on port 22.

BiaSecurity
08-08-2002, 07:39 PM
Well... there can be some trouble with leaving it open... it depends on how you have SSH set up, what OpenSSH server you are using, what client you are using to get to it... and what the connection goes through in between.



Anthony LaMantia
www.bia-security.com

doug357
08-08-2002, 10:36 PM
Thanks for the help everyone, here is the info you requested.

SSH Versions on RH 7.1

Package Name
openssh-3.1p1-5
openssh-clients-3.1p1-5
openssh-server-3.1p1-5
virtualhosting-fst-ssh-3.0.2-53
webppliance-ssh-3.0.2-53
webppliance-ssh-frontend-3.0.2-53

Log in as root disabled

Connecting with PuTTY protocol 2

Using Comcast cable, any insights would be appreciated.

sadistikal
08-08-2002, 10:52 PM
The only real problem I can see with leaving the session open is the vulnerability of the client machine. If it's unlocked and in a place accessible by others, you may have a problem. If not, I wouldn't worry much about it.
Sadistikal

doug357
08-08-2002, 11:48 PM
In that case, my machine here is Windows 2000 Pro and I have ZoneAlarm installed, so I guess I am OK.

shaunewing
08-09-2002, 04:05 AM
Yep, I think the main issue is the security of the client machine.

I normally have several ssh sessions open to various servers all the time, but when I go away I use 'vlock' to lock the console.

For example:
root@descartes$ vlock
*** This tty is not a VC (virtual console). ***
*** It may not be securely locked. ***

This TTY is now locked.
Please enter the password to unlock.
root's Password:

Vlock can be overridden by killing the process in another session (root or the user running vlock) - other than that there is no way that I know of to get around it.

I don't think it comes as default - so you may have to install it if you have the privileges.

--Shaun

Ahmad
08-09-2002, 11:58 AM
Nobody can hijack an SSH session from the network or between you and the other end. Unless they can get access to the client machine, it is safe.

Not only physical access; somebody might be able to get to your desktop over the network using Remote Assistance on Windows or X Windows' networking capabilities.