[Bug 2438] New: Warn about using ForwardAgent with all hosts
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed Aug 5 07:12:28 AEST 2015
https://bugzilla.mindrot.org/show_bug.cgi?id=2438
Bug ID: 2438
Summary: Warn about using ForwardAgent with all hosts
Product: Portable OpenSSH
Version: 6.9p1
Hardware: Other
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: josh at joshtriplett.org
Just as OpenSSH warns if you have insecure permissions on your keys,
I'd suggest that OpenSSH should warn if you have an insecure setting of
ForwardAgent: if you have a global "yes" or a Host * "yes", OpenSSH
could warn and suggest a more host-specific setting.
For an example of how widespread this unsafe setting is:
https://github.com/search?utf8=%E2%9C%93&q=ForwardAgent&type=Code&ref=searchresults
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list