"Virtual hosts" for ssh
Alex Bligh
alex at alex.org.uk
Sat Jun 8 21:25:33 EST 2013
On 8 Jun 2013, at 10:13, Dan Kaminsky wrote:
> Host can always be malicious (believe me, I'm working on some attacks in this space right now). In this case, we're security equivalent to an environment variable we can generally set anyway.
Sure. I just meant a note in the manpage saying something along the lines of 'this variable is not validated by the server and contains exactly what is passed by the client; hence caution should be used when processing it server side'.
> The entire authorized keys system is kind of crufty.
I couldn't possibly comment :-;
If, however, I was inventing an ssh 'virtual server', the first thing I'd want is for different authorized keys etc. per virtual server. This would mean exchanging the 'virtual host' required prior to authentication (and probably prior to key exchange). As far as I can tell from the spec, this would require bumping either protoversion or similar. Far more intrusive.
--
Alex Bligh
More information about the openssh-unix-dev
mailing list