The ssh private key file, stored under ~/.ssh/id_rsa in many *nix distros, is typically owned by the user, allowing any program invoked by that user to read the file, and perhaps upload it to a remote server.
Is this accurate? Are there examples of malware known to have done this? How common is this?
Aucun commentaire:
Enregistrer un commentaire