Why to install a certificate on your primary IP address – Plesk

virus-trojan
virus-trojan

On Linux and probably also other UNIX platforms, there is an OpenSSh Ebury Trojan Horse. Without paying special attention, it’s hard to find it.

Besides that, on UNIX/Linux systems, it’s also very easy to create a Trojan to steal others’ ssh passphrase, for example, malicious person can create an alias when you use bash, so that when you run ssh command, it’s the alias gets called.

To make it more secure, I find the best solution is using AutoSSH from WZIS Software: It makes Trojan detectable: It can detect Ebury Trojan to prevent passphrase got stolen, and it can also detect system call tracing attack, dtrace kind of attack, can prevent TTY keylogger to steal passphrase. When passphrase is pre-encrypted with AutoSSH, no Trojan Horse will be able to steal your passphrase on the local machine. And because every time when you run AutoSSH for remote task automation, it will check first whether ssh command or the libraries it uses have been changed or not, before decrypt the passphrase, it’s the most efficient way to combat Ebury Trojan.