OpenSSH daemon security bug?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Jan 7 04:12:09 EST 2010
On 01/06/2010 05:01 AM, Davi Diaz wrote:
> Does "ssh -A" or any other parameters copy the private key to a remote host?
No, the private key is never directly exposed to the remote host.
However, "ssh -A" *will* expose the ability to *use* the private key to
the remote host, unless your agent is configured to prompt the user
before using the key ("ssh-add -c"). So for the duration of the
connection, your account on the remote host (and of course the superuser
account on the remote host) will have effective access to the key.
But they will not be able to retain the key itself.
In general, "ssh -A" is probably a bad idea. Most uses of "ssh -A" are
better done with so-called "jump hosts", which allow you to still use
the "star" pattern instead of the "chain" pattern of ssh connections.
See Matt Taggart's "Good Practices for ssh" for more tips:
http://lackof.org/taggart/hacking/ssh/
he describes a simple jumphost setup (look for ProxyCommand) on that page.
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20100106/c5a6a0fb/attachment.bin>
More information about the openssh-unix-dev
mailing list