OpenSSH and Smartcard

Peter Stuge stuge-openssh-unix-dev at
Sun Apr 3 03:01:35 EST 2005

On Sat, Apr 02, 2005 at 05:08:35PM +0200, Boris von Alten Blaskowitz wrote:
> I have I bad feeling with the ssh-agent. For example:
> A intruder can send every kind of data(email text) during a user
> session to the ssh-agent and this will be signed .

Check out the -c parameter to ssh-add, -agent will verify each
signature when you add keys with it, however..

> Another is,  that root kan switch to my account and has also access
> to my ssh-keys on the smartcard.

..if you do not trust the host system through which you are sending
your PIN code to the card, you should take care of that issue first.


More information about the openssh-unix-dev mailing list