Re: SSH Questions

[Saad KADHI <Saad.KADHI@neurocom.com>]

> (1) If you start an SSH session, is the entire session encrypted or just
> the authentication?  That is, once I've logged in, would I be safe in
> "su-ing" to root or SSH-ing to another machine?  My intuition says this
> is so, but I felt I should ask just in case.

yes all you session from start to end is encrypted protecting it from 
preying eyes. So when you su to root in a ssh session, a compromise can 
come from the keylogger that consultant installed on your machine ;-) or 
from the remote server (or the hacker have lots of time and found the 
secret of eternal life to crack the RSA keys ;-) )

> (2) If the above is true, does the same hold for an X app remotely
> displayed?  Can I ssh to some system, start a remote X app, and be safe
> from prying eyes?

Well there is a feature called X11 forwarding. I advise you to use 
OpenSSH 2.3.0 because there is a security hole in the previous versions 
(see errata page) but to which a patch exists.
all your questions can be answered from the man pages. For ex, man ssh 
get me this:

ssh (Secure Shell) is a program for logging into a remote machine and for
     executing commands on a remote machine.  It is intended to replace rlogin
     and rsh, and provide secure encrypted communications between two untrust-
     ed hosts over an insecure network.  X11 connections and arbitrary TCP/IP
     ports can also be forwarded over the secure channel.


Please do man ssh & man sshd. They are invaluable source of info. You can also go to www.openssh.com

Regards.


-- 
Saad KADHI -- Security Engineer
---------------------------------
-Shooting innocents is a bad idea and should not be done.
-To get innocents out of a potentially deadly combat situation, "use"
them (press the spacebar).
-Watch you back. Enemies are everywhere and may sneak up behind you.
                                              --Soldier of Fortune--