OpenSSH daemon security bug?
Jamie Beverly
jamie.beverly at yahoo.com
Thu Jan 7 09:12:11 EST 2010
>
> I see the private key is never transfered, even if we use "ssh -A".
>
> Just the connection with the new host is started with the help of the original
> ssh client where the private key is. Could you point me to source code, the
> file or function which start such operation?
>
Sure, a lot of the client meat for ssh-agent stuff is in authfd.c. on the client: sshconnect2.c:pubkey_prepare opens the agent connection, and iterates the key list, sshconnect2.c:userauth_pubkey does client portion of exchange; and auth2-pubkey.c:userauth_pubkey does the server side.
You could also look at my project, http://pamsshagentauth.sourceforge.net/, to see another example of the same type of exchange.
More information about the openssh-unix-dev
mailing list