openssh-agent polling
Jefferson Ogata
Jefferson.Ogata at noaa.gov
Mon Sep 17 10:48:49 EST 2007
On 09/17/07 00:47, Damien Miller wrote:
> On Sun, 16 Sep 2007, Jefferson Ogata wrote:
>
>> if [ -z "$SSH_AUTH_SOCK" ]
>> then
>>     for x in /tmp/ssh*/agent*
>>     do
>>         if [ -S "$x" -a -O "$x" ]
>>         then
>>             SSH_AUTH_SOCK="$x" ssh-add -l >/dev/null 2>&1
>>             if [ $? -ne 2 ]; then
>>                 SSH_AUTH_SOCK="$x"
>>                 export SSH_AUTH_SOCK
>>                 break
>>             fi
>>         fi
>>     done
>> fi
>
> This might connect you to a hostile ssh-agent that harvests your keys.
That's precisely what the -O "$x" is there to prevent.
--
Jefferson Ogata <Jefferson.Ogata at noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt at noaa.gov>
"Never try to retrieve anything from a bear."--National Park Service