Mahoda Ratnayaka
2016-Jul-26 04:03 UTC
Question about Zeroise sensitive data on client exit on server side.
Hi, I was trying to understand the Zeroise process for ssh server when a client leaves due to connection close, or time out and other cases. And, I noticed that when the client leave the following function on the server cleanup_exit will get called.>From my understanding this function will close all the user authenticationrelated things and then will exit the server process forked for that client connection. I added some debug to ssh_packet_close function, but I cloud not see this being hit in this case. So, just out of interest I would like to know why the sensitive information on the server side is not zeroised. Cause I can see the ssh_packet_close was getting hit on the client side. Thanks, Mahoda