Results 1 to 10 of 10
Thread: Leaving SSH session open?
-
08-07-2002, 10:58 PM #1Junior Guru Wannabe
- Join Date
- Feb 2002
- Posts
- 37
Leaving SSH session open?
Hello,
Are there any security issues with leaving a ssh session open. For example if i walk away for an hour or several hours should i kill the session?
I would asume i am safe, but i have never been told eaither way.
Thanks: confused:
-
08-07-2002, 11:07 PM #2Aspiring Evangelist
- Join Date
- Aug 2002
- Location
- Sacramento, CA
- Posts
- 353
Well, if nobody is going to be using the computer, then there is no harm in leaving it open.
-
08-07-2002, 11:07 PM #3Web Hosting Master
- Join Date
- Jun 2000
- Location
- Washington, USA
- Posts
- 5,990
As long as no one has access to your computer, you're fine.
-
08-08-2002, 10:29 AM #4Web Hosting Master
- Join Date
- Feb 2002
- Posts
- 2,120
I suggest you set-up filter and rules on port 22.
-
08-08-2002, 07:39 PM #5Junior Guru Wannabe
- Join Date
- Aug 2002
- Location
- Chicago, IL, United States
- Posts
- 64
Well.. there can be some trouble with leaving it open... it depends on how you have ssh set up what openssh server you are useing and what client you are useing to get it... and what the connection goes in between
Anthony LaMantia
www.bia-security.comAnthony LaMantia
http://www.bia-security.com
-
08-08-2002, 10:36 PM #6Junior Guru Wannabe
- Join Date
- Feb 2002
- Posts
- 37
Thanks for the help everyone, here is the info you requested.
SSH Versions on RH 7.1
Package Name
openssh-3.1p1-5
openssh-clients-3.1p1-5
openssh-server-3.1p1-5
virtualhosting-fst-ssh-3.0.2-53
webppliance-ssh-3.0.2-53
webppliance-ssh-frontend-3.0.2-53
Log in as root disabled
Connecting with Putty protocol 2
Using Comcast cable, any insights would be apreceated.
-
08-08-2002, 10:52 PM #7WHT Addict
- Join Date
- Jul 2002
- Location
- New Hampshire
- Posts
- 154
The only real problem I can see with leaving the session open is the vulnerability of the client machine. If its unlocked and in a place accessible by others you may have a problem. If not I wouldn't worry much about it.
SadistikalWhen you say "I wrote a program that crashed Windows", people just stare at
you blankly and say "Hey, I got those with the system, *for free*".
-- Linus Torvalds
-
08-08-2002, 11:48 PM #8Junior Guru Wannabe
- Join Date
- Feb 2002
- Posts
- 37
In that case my machine here is windows 2000 pro and i have Zone ALarm installed so I guess i am OK.
Last edited by doug357; 08-09-2002 at 12:40 PM.
-
08-09-2002, 04:05 AM #9Web Hosting Master
- Join Date
- Jun 2002
- Location
- Sydney, Australia
- Posts
- 1,745
Yep, I think the main issue is the security of the client machine.
I normally have several ssh sessions open to various servers all the time, but when I go away I use 'vlock' to lock the console.
For example:
root@descartes$ vlock
*** This tty is not a VC (virtual console). ***
*** It may not be securely locked. ***
This TTY is now locked.
Please enter the password to unlock.
root's Password:
Vlock can be overridden by killing the process in another session (root or the user running vlock) - other than that there is no way that I know of to get around it.
I don't think it comes as default - so you may have to install it if you have the privileges.
--ShaunShaun Ewing
shaun.net
-
08-09-2002, 11:58 AM #10Web Hosting Master
- Join Date
- Jan 2002
- Location
- Kuwait
- Posts
- 679
Nobody can hijack an SSH session from the network or between you and the other end. Unless they can get access to the client machine, it is safe.
Not only physical access, somebody might be able to get to your desktop from over the network using remote assistance on windows or XWindows' networking capabilities.