Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Question about Zeroise sensitive data on client exit on server side.

1 view
Skip to first unread message

Mahoda Ratnayaka

unread,
Jul 26, 2016, 12:35:36 AM7/26/16
to
Hi,

I was trying to understand the Zeroise process for ssh server when a client
leaves due to connection close, or time out and other cases. And,
I noticed that when the client leave the following function on the server
cleanup_exit will get called.

From my understanding this function will close all the user authentication
related things and then will exit the server process forked for that client
connection. I added some debug to ssh_packet_close function, but I cloud
not see this being hit in this case.

So, just out of interest I would like to know why the sensitive information
on the server side is not zeroised. Cause I can see the ssh_packet_close
was getting hit on the client side.

Thanks,
Mahoda
_______________________________________________
openssh-unix-dev mailing list
openssh-...@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

0 new messages