0
  1. Suppose there is Client - Server machine.
  2. On the Client machine, we have generated an SSH-KEYGEN and stored the same key on Server Machine.
  3. Which means, when Client connects Server using SSH, it won't require Password.
  4. If Client machine gets hack, then the Server machine is vulnerable to all the attacks?
Sumit Nayak
  • 101
  • 1

2 Answers2

2

If your private key that you use to connect to a server is compromised, that means that any server you use this keypair on is also compromised and vulnerable to further attacks, as essentially the attacker has now the same access rights to the server as you.

Note that if the attacker had any amount of time with the private key before you noticed the intrusion, you need to consider the server as compromised as well and reinstall it from scratch to prevent any hidden backdoors a competent attacker would have installed at the very first step.

Sven
  • 98,649
  • 14
  • 180
  • 226
  • 1. In this process /root/.ssh/id_rsa.pub is shared between the server. So what can be done with this – Sumit Nayak Jul 12 '17 at 13:42
  • What is that supposed to tell me? – Sven Jul 12 '17 at 13:44
  • If the attacker gained control of the private key for this public key, he could have done absolutely anything. As I wrote, you need to consider the server as compromised and reinstall it from scratch with a fresh set of credentials. – Sven Jul 12 '17 at 13:47
  • To clarify, the .pub half of your key is public information. You can't get into anything with it, and that public half is used to allow access using the private key. Never give out the private key. Nothing should be asking for your private key. These keys are intuitively named. – Spooler Jul 12 '17 at 14:37
  • You also don't have to scatter that private key to the winds to get access into extended remote environments if you use the -A option in SSH, which will forward your private key along with your session. This keeps you from having to copy your private key up to places that you don't necessarily want that key. Also consider that every time you copy your private key like that you're increasing your attack surface. It's better to forward rather than copy when possible. – Spooler Jul 12 '17 at 14:39
0

If the ssh key is compromised (client is hacked) then that grants the hacker access to the server. You can mitigate this somewhat by password-protecting the ssh-key, with the protection scaling with the quality of the password on the key.

Jason Martin
  • 5,023
  • 17
  • 24