Updated Privacy and Anonymity (markdown)

2025-05-23 02:11:23 +03:00 · 2021-04-16 13:25:10 +00:00 · 2021-04-16 13:25:10 +00:00 · 51cf888d61
commit 51cf888d61
parent d0b8cd0346
1 changed files with 6 additions and 1 deletions
--- a/Privacy-and-Anonymity.md
+++ b/Privacy-and-Anonymity.md
@ -30,6 +30,8 @@ Same issue as ssh-agent, but with PKCS11 Identities.<br/>
 Forwards your local connection to your authentication agent over the ssh tunnel. A malicious server can use this to attack your local machine.<br/>
 ### ForwardX11: <br/>
 Redirects X11 connections over the ssh tunnel. THIS IS DANGEROUS as any remote user that can bypass file restrictions can access your local X11 display! A malicious server or any server operating in a hostile environment can attack your local machine!<br/>
+### SSH Client Version String: <br/>
+Your client version string is sent in cleartext. Eavesdropping adversaries and the server will likely know what OS you are using and gain more information on your operations setup by looking at the version string. <br/>

 # Mitigations
 ### OpenSSH: <br/>
@ -56,7 +58,10 @@ Explaination: <br/>
 TODO <br/>

 # Sources Referenced:
-
+List of Default keys and Disable SSH Agent from sending keys: <br/>
+https://serverfault.com/questions/139870/stop-ssh-client-from-offering-all-the-public-keys-it-can-find/515214#515214 <br/>
+Dangerous features to enable in OpenSSH Client while connecting to servers: <br/>
+https://unix.stackexchange.com/questions/106595/myth-or-reality-selinux-can-confine-the-root-user <br/>

 # Page TODO:
 - Explain Threat modeling