LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-22-2010, 04:12 PM   #1
guarapo
LQ Newbie
 
Registered: Jan 2010
Posts: 4

Rep: Reputation: 0
I think i found a bug in Ssh server


Hi folks, first of all i am sorry about my English...

I think i found a bug in Ssh daemon, or maybe it is not a bug and i am wrong, but i need some help to see the light.

When i connect from a client machine to a server machine via Nautilus (ssh://guest@remote-ip-server:22/home/guest). In the server machine, the who command do no show this guest user logged in.

You will need 2 machines running Debian Lenny (stable) amd64 with Gnome to reproduce this bug, probably you don't.

At client machine with Gnome and Nautilus:
You write this url in Nautilus: ssh://guest@remote-ip-server:22/home/guest
Will prompt for password 2 times (i don't know why)
Now you can navigate remotely via Nautilus...

At the remote server machine:
Code:
server:/# who
root     tty1         2010-01-22 21:53
server:/#
server:/# netstat -atn   
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State 
tcp        0      0 192.168.1.79:22         192.168.1.69:54745      ESTABLISHED
tcp        0      0 192.168.1.79:22         192.168.1.69:54744      ESTABLISHED
server:/#
As you see, you can't see guest user logged in. Maybe it is not a bug, but i am afraid it can be a security issue.

I am totally sure it is not a bug in Ssh because Nautilus do no open an interactive shell but i need some help how to see this type of connection on the server side.

Thanks

Last edited by guarapo; 01-22-2010 at 04:24 PM.
 
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 01-22-2010, 04:22 PM   #2
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 167Reputation: 167
Type:

Code:
last
Does it list it as having logged in twice?
 
Old 01-22-2010, 05:25 PM   #3
rkdavies
LQ Newbie
 
Registered: Jan 2010
Location: San Diego, California
Distribution: Debian, RHEL, SuSE
Posts: 6

Rep: Reputation: 2
That is because Nautilus is creating an SFTP connection not an SSH session with that method.
 
2 members found this post helpful.
Old 01-22-2010, 05:45 PM   #4
Web31337
Member
 
Registered: Sep 2009
Location: Russia
Distribution: Gentoo, LFS
Posts: 399
Blog Entries: 71

Rep: Reputation: 65
rkdavies is totally right here, sftp connections are not shown in "who" because they actually don't start shell session. That is not debian-specific as well.

Hi and welcome to LinuxQuestions.org, rkdavies!
 
Old 01-23-2010, 07:38 AM   #5
guarapo
LQ Newbie
 
Registered: Jan 2010
Posts: 4

Original Poster
Rep: Reputation: 0
Thank you guys for your fast replies.

Yes, and sftp connection do no open an interactive shell... so no user is logged in.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
May have found a bug in 64 current? corbintechboy Slackware 11 07-11-2009 08:42 AM
Ssh Bug Server Problem Devanshu Kumar Singh Linux - Newbie 4 01-16-2008 12:19 AM
APF / BFD bug found digimon Linux - Security 4 11-19-2006 11:27 PM
Distro reviews bug found thorn168 LQ Suggestions & Feedback 4 03-01-2006 08:07 AM
I found a bug in Kernel 2.4.3-20 fatal Linux - General 2 06-09-2001 02:59 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration