Trick user to send private key password to compromised host

Dan Yefimov dan at
Wed May 14 08:19:51 EST 2008

On Tue, 13 May 2008, Jefferson Ogata wrote:

> > This problem along with backups or NFS/CIFS traffic dumps being available to 
> > the attacker has nothing to do with OpenSSH at all. Those are political and too 
> > generic issues. If you care so much about security, keep your backups in a 
> > secure place and never use NFS-backed homes over insecure networks. As for 
> > CIFS, AFAIK it can use SSL.
> Of course this is an issue for openssh; matters such as network home 
> directories and backup policies are not under openssh's control, but 
> openssh's private key handling IS under openssh's control. Do you even 
> understand the purpose of the private key passphrase? It appears not...
Strange assertion. Of course, I understand the purpose of the private key 

> Openssh can and should write something indicating the the private key 
> was successfully decrypted before continuing authentication, let alone 
> requesting a shell. Arguably it should similarly print something if the 
> private key was successfully retrieved from ssh-agent.

And it can do that when run with -vv command line argument, if desired.

> This feature could be under control of a directive, of course.
Or under command line argument's control, like it is done currently.

    Sincerely Your, Dan.

More information about the openssh-unix-dev mailing list