PDA

View Full Version : Keylogging and SSH. A question.


duffer
07-04-2006, 11:09 PM
No specifics, but nothing illegal or happening.

Most days my computer use involves using a PC outside my home. I know that keylogging is used from those computers. The keylogging is supposedly for security reasons only. This is understandable as a person could do some serious mayhem and they need to know about it if it does. However, for some things such as accessing my bank account and other sensitive content, I'd prefer passwords/etc to not be known by people I really don't know.

Now, to everyone that's going to say "Do it on your home computer", let me say that there are days when a payment is due before I get home, and the money isn't available until that morning after I leave home. The point is, nothing illegal, treasonous or underhanded.

Anyway, I use Putty and SSH to "tunnel" to my home system, then access any private stuff. What I'm wondering is this.

I know when I use this config, it's undetected by the SysOp. It just looks like noise. But is the keylogging still able to pick up the passwords, etc.? Am I really keeping private info private doing this? Or am I just using a fancy way of giving away a lot of personal info?

friedo
07-04-2006, 11:33 PM
The keylogger still logs everything you type into your SSH terminal. It's not encrypted until it goes out on the network.

ed
07-04-2006, 11:37 PM
There's no reason why the keylogger would NOT pick up your keystrokes, regardless of the type of remote session you have. Additionally, since your workstation is "compromised" (by the sysops) you should know it would be possible for them to decrypt your session information, since they would theoretically have access to the negotiated keys when your session is established. This may be unlikely, but it's possible. SSH is designed to keep your session private from outside intrusion; once someone has complete access to your machine locally, all bets are off.

Short answer: there's no way to be sure of anything on a work PC, and you have to assume they can always see everything.

Mr2001
07-05-2006, 08:47 PM
Anyway, I use Putty and SSH to "tunnel" to my home system, then access any private stuff. What I'm wondering is this.

I know when I use this config, it's undetected by the SysOp. It just looks like noise. But is the keylogging still able to pick up the passwords, etc.? Am I really keeping private info private doing this? Or am I just using a fancy way of giving away a lot of personal info?
As others have said, you should assume the keylogger will pick up everything you type, no matter what program you're typing it into.

You can hide your SSH password from the keylogger by using public key authentication instead of a password, carrying your private SSH key around on a USB flash drive or floppy disk - that is, if the computers you're using have available USB ports or floppy drives. The logger will still catch your key passphrase if the key is encrypted (a good idea in case your disk gets stolen), so make up a new passphrase that you only use for the SSH key, and hope that if your disk does get stolen, the thief isn't the same sysadmin who has access to your key logs. Also, hope that the system isn't automatically making copies of the disk's contents.

Anything you type into the SSH session will of course be logged, so if it's possible, you should get the browser on your home system to memorize the passwords so you won't have to type them while you're away.

ftg
07-05-2006, 09:56 PM
Solution #3: Use a live CD (e.g., Knoppix) and store your settings and data on a USB drive. Insert CD, boot, plug in drive.

I work on "fixing" screwed up PCs from time to time and I never type personal info into such a machine. I always assume that there's lots of Bad Things running on the machine.

Boot CDs and USB drives are the way to go.

Mr2001
07-05-2006, 10:01 PM
Boot CDs and USB drives are the way to go.
That might not work if it's a hardware keylogger, or if the sysadmins notice you booting your own OS.

drachillix
07-05-2006, 10:08 PM
That might not work if it's a hardware keylogger, or if the sysadmins notice you booting your own OS.

If you are booting your own os on a machine will circumvent any software protection they have in place, problem is the lack of preconfigured security handling or an OS using non standard protocols for your company may be flagged as some kind of hack attempt and would get your IT people in a HUGE snit if detected and or backtracked. Hardware tracking could care less what your OS is, it will still have it.

Where I used to work, if anything like that happened everyone would be looking at me. Anyone else there would be lucky to get their email let alone load another OS.

drachillix
07-05-2006, 10:09 PM
I work on "fixing" screwed up PCs from time to time and I never type personal info into such a machine. I always assume that there's lots of Bad Things running on the machine.

I fix PC's for a living and I can't think of one good reason to access any of my security risk personal data from a client machine.

Best Topics: gandalf smokes weed rosary for deceased bob gray schwein hund males using tampons peo international.org fugitive glue strips snapple owner asshole golf eating sunflower shells smelt taste songs with accordions why flush krypton exploding purple egg soggy crackers raised on robbery superglue history scanned passports car hood protector canucks meaning academic bible computer sex games commodity trader salary common nonpolar solvents uti forums fabric softener towels claude rix magic cottonwood seedling paleolithic emotions can lions swim minoan fashion warm spot on leg that comes and goes 19th century british naval uniforms nikki heat books real author what does an american accent sound like to foreigners cell block tango what does the hungarian say how to get accutane if your cat had an answering machine what does manatee taste like is every solitaire game winnable does hawaii have a baseball team what weighs 15 tons how tall is god my printer is in an error state media mail how long electric stove turns on and off 2002 pontiac bonneville power window problems pee wee's playhouse dixie counter suing for frivolous lawsuit chicken breast average weight will dandruff shampoo kill lice difference between tacos and burritos does menards install fences sword and dagger fighting bag of weed family guy song how far away can the statue of liberty be seen let the motherfucker burn medical term for butt cheek best chicken cross the road jokes dean koontz best books received someone else's amazon package water smells like wet dog how much is a ice cream truck brother printer usb cable not included jos a bank tailoring cost