SSH caches keys of ongoing sessions in /tmp. Root can hijack, SSH to machine (twitter.com) 2 points by frogger8 3y ago ↗ HN
[–] theamk 3y ago ↗ Someone discovered either "ssh-agent" or ssh agent forwarding.I bet the next tweet from that account is: "Red Teamers: Check out ~/.ssh for user ssh keys! root user can hijack them and SSH to any machine the user can access"
[–] gladiatr72 3y ago ↗ Um. Yeah. That's kinda how that whole root thing works. [–] frogger8 3y ago ↗ lol fair response
3 comments
[ 3.0 ms ] story [ 20.1 ms ] threadI bet the next tweet from that account is: "Red Teamers: Check out ~/.ssh for user ssh keys! root user can hijack them and SSH to any machine the user can access"