[Bug 1937] Make it possible to give a give an ssh session only access to a limit subset of ssh-agent keys

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Mon Sep 12 18:45:21 EST 2011


https://bugzilla.mindrot.org/show_bug.cgi?id=1937

--- Comment #2 from Alain Knaff <mindrot2 at misc.lka.org.lu> 2011-09-12 18:45:21 EST ---
Two problems with this work-around:

1. What if Alex started a long-running script needing ssh access, and
went for a coffee?

2. The askpass prompt doesn't actually say which session requested
access to the key. So an attacker could still abuse keys not intended
for him by just timing his request right.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list