ssh-agent discard timeout behavior (too easy to hack)
mouring at etoh.eviladmin.org
Fri Jan 18 02:05:59 EST 2002
On Thu, 17 Jan 2002, Peter Watkins wrote:
> On Thu, Jan 17, 2002 at 09:19:45AM +0200, Pekka Savola wrote:
> > On 16 Jan 2002, Aran Cox wrote:
> > > Ideally you could choose both, dump the keys after a fixed period no
> > > matter what and/or after a period of disuse. At least, that's what I've
> > > always wanted. I'd dump them all after 4 hours no questions asked and
> > > maybe an hour or two after their last use.
> >
> > What's the idea of such a short idle period?
> >
> > Me, for example, always xlock my workstation even if I go to talk to my
> > colleagues nearby. If sufficient care is observed, the time periods
> > should be usably long.
>
> Same here. I can see why folks might want such a feature, but I personally
> would not need/want such behavior on some of my systems. I would personally
> prefer that *default* behavior be current behavior; let folks add command
> line arguments to request that certain keys be treated differently.
>
> Behavior question: let's say ssh-agent holds a key for sshd.example.com.
> If ssh-agent were to dump that key, should it
> - forget about the key entirely (in which case, if the user were to
> connect to sshd.example.com, the user would likely be prompted for
> a regular password *after* ssh had already connected; if the user
> needed/wanted to use their key, they'd have to abort the ssh connection
> and re-add the key to ssh-agent before reconnecting)
Why would it? The authorization phase has passed. They would be prompted
at the next connection for a password.
- Ben
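The two timers Aran proposes (a hard lifetime and an idle timeout) and Peter's question about what a dropped key means for the next connection, modelled as an added example; this is not OpenSSH code, and the key name, the `Agent` class and the `connect` helper are constructed for illustration. Consistent with Ben's point, only new connections are modelled: a session that already authenticated is unaffected when the agent later discards the key.

```python
"""Simulated ssh-agent key ring with a hard lifetime and an idle timeout."""
from dataclasses import dataclass
from typing import Optional

HOUR = 3600


@dataclass
class AgentKey:
    name: str                   # constructed label, e.g. "id_rsa"
    added_at: float             # seconds when the key was loaded
    last_used: float            # seconds of the last signing request
    max_life: Optional[float]   # hard lifetime; None = keep until explicitly removed
    max_idle: Optional[float]   # idle timeout; None = never expire for disuse

    def expired_reason(self, now: float) -> Optional[str]:
        if self.max_life is not None and now - self.added_at >= self.max_life:
            return "lifetime"
        if self.max_idle is not None and now - self.last_used >= self.max_idle:
            return "idle"
        return None


class Agent:
    def __init__(self) -> None:
        self.keys: dict[str, AgentKey] = {}

    def add(self, name, now, max_life=None, max_idle=None) -> None:
        self.keys[name] = AgentKey(name, now, now, max_life, max_idle)

    def reap(self, now: float) -> dict:
        """Discard keys whose timer elapsed; return {name: reason} for the dropped ones."""
        gone = {n: r for n, k in self.keys.items() if (r := k.expired_reason(now))}
        for n in gone:
            del self.keys[n]
        return gone

    def sign(self, name: str, now: float) -> bool:
        """A signing request from ssh: succeeds only if the key is still held (and refreshes idle)."""
        self.reap(now)
        key = self.keys.get(name)
        if key is None:
            return False
        key.last_used = now
        return True


def connect(agent: Agent, name: str, now: float) -> str:
    """Method a new ssh connection ends up using: publickey via the agent, else password."""
    return "publickey" if agent.sign(name, now) else "password"


def demo() -> dict:
    """Two timelines under Aran's numbers: 4h hard limit, 2h idle limit."""
    idle, busy = Agent(), Agent()
    idle.add("id_rsa", 0, 4 * HOUR, 2 * HOUR)
    busy.add("id_rsa", 0, 4 * HOUR, 2 * HOUR)
    return {
        # used once, then left alone: the idle limit drops it before the hard limit
        "idle": [connect(idle, "id_rsa", t * HOUR) for t in (1, 3.5, 5)],
        # used every hour: the hard limit drops it at 4h despite steady use
        "busy": [connect(busy, "id_rsa", t * HOUR) for t in (1, 2, 3, 4)],
    }
```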