PuTTY SSH tunnel YouTube
I enjoyed the article about SSH persistence in Windows. I liked the app being portable. You mentioned a possible security issue. The password is stored salted in a local file. Is there a way to get a pineapple to rotate keys after x mins of disconnection? Example of why this might solve the problem:
I’m using programs on a thumb drive plugged in to Windows. I’m careless and turn around long enough for a friend to snag my dongle (is that legal in this country). He plugs it into his computer and copies the files over. He plugs the dongle (there’s that word again) back in to my computer. However, since the program crashed (because I was running it from the drive) it doesn’t rebuild the SSH tunnel. I show up while he starts brute forcing my passwords. I’ve set pineapple to rotate to the next key automatically because of the length of the failure (I have the key elsewhere, and know what one will be next). He spends his time hacking something that won’t work (I’ve rotated my key), and I’m already reconnected to the pineapple.
What do you think? Effective security? Maybe it would even be a cooler idea to key hop? Set a series of keys that rotate at every X time so that even brute forcing in the middle won’t work? Just some thoughts.