Results 1 to 10 of 10
  1. #1

    Leaving SSH session open?

    Hello,

    Are there any security issues with leaving a ssh session open. For example if i walk away for an hour or several hours should i kill the session?

    I would asume i am safe, but i have never been told eaither way.

    Thanks: confused:

  2. #2
    Join Date
    Aug 2002
    Location
    Sacramento, CA
    Posts
    353
    Well, if nobody is going to be using the computer, then there is no harm in leaving it open.

  3. #3
    Join Date
    Jun 2000
    Location
    Washington, USA
    Posts
    5,990
    As long as no one has access to your computer, you're fine.

  4. #4
    Join Date
    Feb 2002
    Posts
    2,120
    I suggest you set-up filter and rules on port 22.

  5. #5
    Join Date
    Aug 2002
    Location
    Chicago, IL, United States
    Posts
    64
    Well.. there can be some trouble with leaving it open... it depends on how you have ssh set up what openssh server you are useing and what client you are useing to get it... and what the connection goes in between



    Anthony LaMantia
    www.bia-security.com
    Anthony LaMantia
    http://www.bia-security.com

  6. #6
    Thanks for the help everyone, here is the info you requested.

    SSH Versions on RH 7.1

    Package Name
    openssh-3.1p1-5
    openssh-clients-3.1p1-5
    openssh-server-3.1p1-5
    virtualhosting-fst-ssh-3.0.2-53
    webppliance-ssh-3.0.2-53
    webppliance-ssh-frontend-3.0.2-53

    Log in as root disabled

    Connecting with Putty protocol 2

    Using Comcast cable, any insights would be apreceated.

  7. #7
    Join Date
    Jul 2002
    Location
    New Hampshire
    Posts
    154
    The only real problem I can see with leaving the session open is the vulnerability of the client machine. If its unlocked and in a place accessible by others you may have a problem. If not I wouldn't worry much about it.
    Sadistikal
    When you say "I wrote a program that crashed Windows", people just stare at
    you blankly and say "Hey, I got those with the system, *for free*".
    -- Linus Torvalds

  8. #8
    In that case my machine here is windows 2000 pro and i have Zone ALarm installed so I guess i am OK.
    Last edited by doug357; 08-09-2002 at 12:40 PM.

  9. #9
    Join Date
    Jun 2002
    Location
    Sydney, Australia
    Posts
    1,745
    Yep, I think the main issue is the security of the client machine.

    I normally have several ssh sessions open to various servers all the time, but when I go away I use 'vlock' to lock the console.

    For example:
    root@descartes$ vlock
    *** This tty is not a VC (virtual console). ***
    *** It may not be securely locked. ***

    This TTY is now locked.
    Please enter the password to unlock.
    root's Password:

    Vlock can be overridden by killing the process in another session (root or the user running vlock) - other than that there is no way that I know of to get around it.

    I don't think it comes as default - so you may have to install it if you have the privileges.

    --Shaun
    Shaun Ewing
    shaun.net

  10. #10
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679
    Nobody can hijack an SSH session from the network or between you and the other end. Unless they can get access to the client machine, it is safe.

    Not only physical access, somebody might be able to get to your desktop from over the network using remote assistance on windows or XWindows' networking capabilities.
    Ahmad Alhashemi
    PHP, Apache, C, Python, Perl, SQL
    18 related BrainBench certificates

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •