disable features

Peter W peterw at usa.net
Thu Oct 25 06:02:28 EST 2001


On Wed, Oct 24, 2001 at 03:05:56PM -0400, Ed Phillips wrote:
> On Wed, 24 Oct 2001, Peter W wrote:

> > Also, IIRC, OpenSSH's client will attempt to use agent/keypair auth when
> > initiating a new connection. This means 'ssh'/'sftp' will present your
> > keypair "identity" to new servers unless explicitly asked not to do so.
> >
> > For privacy reasons, you may wish to hide your keypair identities unless
> > needed/warranted.

> > I guess I'm arguing that RSAAuthentication in ssh_config perhaps should
> > default to "no" as well.
> 
> Yeah... I've wondered about this.  If passing your private key to the
> remote side (of course, how else could RSA auth forwarding work if you
> didn't) is too much of a security risk as the default behavior, while
> providing no additional security (only the convenience of not having to
> type in more passwords), then I'd vote to make PasswordAuthentication be
> the only method tried by default.

It's not exposing your private key; it exposes your public key. It's not a
security issue, but rather a privacy issue. You say
    ssh someuser@somehost
and ssh says "By the way, this user is known as DSA pubkey blah-blah-blah,
would you like us to prove that?" before falling back to password auth;
somehost seeing your pubkey does not threaten your private key, but it might
reveal to somehost a piece of information that somehost does not need. Too
bad there's nothing simple like -a/-A and -x/-X to toggle this keypair-first
behavior. (-k/-K anyone?)

-Peter
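The toggle Peter wishes for can be expressed today in the client's configuration; the following ssh_config fragment is an added example, not part of this thread, and it assumes a current OpenSSH client whose option names (PubkeyAuthentication, IdentitiesOnly) postdate the RSAAuthentication option discussed above. The host name and key path are placeholders.

```text
# Added example (not from the thread): keep the keypair identity private by
# default, offering it only to hosts that are explicitly listed.

# Default for every host not matched by a more specific block below:
# no public key is presented, so the server learns nothing about the
# user's keypair before password authentication is tried.
Host *
    PubkeyAuthentication no

# Hosts where key-based login is actually wanted. IdentitiesOnly restricts
# the offer to the named key, so other keys loaded in the agent are not
# revealed to this server either.
Host bastion.example.org
    PubkeyAuthentication yes
    IdentitiesOnly yes
    IdentityFile ~/.ssh/id_bastion
```

For a one-off connection the same effect is available on the command line with `ssh -o PubkeyAuthentication=no someuser@somehost`, since options given with -o override the matching Host blocks.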
