High-risk tools in Ssh Agent
9 of the 27 tools in Ssh Agent are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
ssh_auto_connectExecute自动连接配置文件中标记为auto_connect的连接
-
ssh_connectExecute建立SSH连接
-
ssh_connect_by_config_hostExecute使用SSH config文件中的主机名建立连接
-
ssh_connect_by_nameExecute使用配置文件中的连接名称建立SSH连接
-
ssh_executeExecute在SSH连接上执行命令
-
ssh_send_inputExecute向交互式会话发送输入(如密码、命令等)
-
ssh_start_async_commandExecute启动长时间运行的异步命令
-
ssh_start_interactiveExecute启动交互式SSH会话(支持sudo、vim、mysql等需要交互输入的命令)
-
ssh_terminate_commandExecute终止正在运行的异步命令
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.