openssh-agent polling
Damien Miller
djm at mindrot.org
Mon Sep 17 10:47:22 EST 2007
On Sun, 16 Sep 2007, Jefferson Ogata wrote:

> if [ -z "$SSH_AUTH_SOCK" ]
> then
>     for x in /tmp/ssh*/agent*
>     do
>         if [ -S "$x" -a -O "$x" ]
>         then
>             SSH_AUTH_SOCK="$x" ssh-add -l >/dev/null 2>&1
>             if [ $? -ne 2 ]; then
>                 SSH_AUTH_SOCK="$x"
>                 export SSH_AUTH_SOCK
>                 break
>             fi
>         fi
>     done
> fi

This might connect you to a hostile ssh-agent that harvests your keys.
Better to set the agent socket location using ssh-agent's -a option to
either a canonical location, or a randomised location in a user-owned
directory.
-d
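
An added example, not part of the original message or of OpenSSH: one way to apply the advice above from a login script, binding the agent with `ssh-agent -a` to a fixed socket inside a directory that is first checked to be a real, user-owned directory with no group or other access. The `AGENT_DIR` path and the function names `agent_dir_ok` and `ensure_agent` are assumptions for illustration.

```shell
# Added example (not from the original post). AGENT_DIR and both function
# names are assumptions; adjust the path to your own conventions.
AGENT_DIR="${AGENT_DIR:-$HOME/.ssh/agent}"

# Succeed only if $1 is a real directory (not a symlink), owned by the
# current user, with every group/other permission bit cleared.
agent_dir_ok() {
    [ -d "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || return 1
    # Characters 5-10 of the mode string are the group and other bits.
    perms=$(ls -ld -- "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Reuse the agent at the canonical socket if it answers; otherwise start
# one bound to that socket. Never searches /tmp for sockets.
ensure_agent() {
    sock="$AGENT_DIR/agent.sock"
    ( umask 077; mkdir -p "$AGENT_DIR" ) || return 1
    if ! agent_dir_ok "$AGENT_DIR"; then
        echo "refusing to use $AGENT_DIR: not a private user-owned dir" >&2
        return 1
    fi
    SSH_AUTH_SOCK="$sock" ssh-add -l >/dev/null 2>&1
    if [ $? -eq 2 ]; then
        # Exit status 2: ssh-add could not contact an agent on this socket.
        rm -f "$sock"
        out=$(ssh-agent -s -a "$sock") || return 1
        eval "$out" >/dev/null
    fi
    SSH_AUTH_SOCK="$sock"
    export SSH_AUTH_SOCK
}

# In a login script, after the definitions above:
#   [ -n "$SSH_AUTH_SOCK" ] || ensure_agent
```

Because the socket lives in a directory only the user can write to, a socket found there can only have been created by that user (or root), unlike a glob match under `/tmp`.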