1

Let's say that the server is completely compromised (and the hacker has root access to the compromised server). If I ssh into the compromised server, is there any way (e.g., in the key exchange) that the hacker could gain any access to the (uncompromised) server from which the ssh is initiated?

jhourback
  • 133
  • 3
  • [similar question on serverfault](https://serverfault.com/questions/510154/if-using-public-keys-only-an-ssh-client-logs-into-or-is-already-logged-into). For an example of a SSH client vulnerability, see eg CVE-2016-0777. – tim May 26 '17 at 17:25

1 Answers1

1

I would say that if you will just connect there, nothing should happen. Except you give him your IP so he can theoretically focus you. If you have correctly configured your client.

It really depends on the security of your client setup and another servers you use. If you authorize / sudo yourself using the key the probability he will be able to exploit another server is quiet low.

But many times I also saw tunelling over SSH setup in the way the servers were able to access each other over the SSH channel opened by the user. And keys were stored on "compromised server".

As I said in the beginning. It really depends on many other things, I would say, its hardly possible but not probable if other security recommendations will be followed.

Fis
  • 1,200
  • 7
  • 10