Hi,

The rule of thumb seems to be don't let 'root' login under ssh. ssh login via a normal account and then 'su' to 'root'. Ok great ... but ...

Basically, it looks like a remote SSH connection always maintains the same SSH_TTY parm. So if I log in as 'another' and then 'su' to 'root', 'another' will remian the owner of the device SSH_TTY. Isn't this a security risk???

Any other login (or hacker) of 'another' logged in can now access the SSH_TTY of root and send some nasty control characters.

Many thanks for any advice!
Tony

Thats a good question. Although SSH does offer encryption so I dont think its as easy as you make it out to be.

ok, but assuming someone (a hacker) has gotten the password of the 'another' account. The ssh encryption will not stop this hacker from being able to access the SSH_TTY device, since this user is perfectly able to access their own files.

Then, if by chance the legitimate user 'another' decides to 'su' to 'root' ... the hacker could easily send commands to 'root''s screen:

cat "hello" >> /dev/ttypa2

However, I guess "hello" would not be the hacker's first step!

Tony

ok, but assuming someone (a hacker) has gotten the password of the 'another' account. The ssh encryption will not stop this hacker from being able to access the SSH_TTY device, since this user is perfectly able to access their own files.

Hmm. How can you contribute the effects of abusing a compromised account to what is "regular" OpenSSH behaviour?