Filtering which identities are forwarded by ssh-agent to a given host

Ángel González keisial at
Wed Feb 4 09:27:28 AEDT 2015

On 02/02/15 03:53, Damien Miller wrote:
> On Mon, 2 Feb 2015, Ángel González wrote:
>> IMHO the way to go is not teach ssh the agent protocol, but modify the agent
>> protocol so that each request gets prepended the hostname requesting it
>> (forwarded connections would contain the full chain)
> Then you have to modify all of ssh, sshd and ssh-agent and doesn't
> work until they are all upgraded.
Only ssh-agent and ssh (and the change to the former could be trivial)

> Moreover, unless you include signing (by the hostkey) for forwarded hops
> and verification of same at the agent side, then you can't trust anything
> past the first hop.
I wasn't attempting to go that far. Just accountability, similar to how 
headers work in SMTP. And yes, you can't trust anything past the first 
evil hop.
Still, I see many benefits compared to the current all-or-nothing agent.
(Of course, to be really sure that nobody intercepts the agent request, you
MUST perform the ssh connection locally, with a ProxyCommand. Full Stop)
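The "connect locally with a ProxyCommand" point above, as an added example that is not part of the original thread: with this ssh_config the TCP connection to the inner host is tunnelled through the jump host with `ssh -W`, so the SSH session (and any agent requests that authenticate it) terminates on the local machine and the jump host never needs `ForwardAgent`. Host names `jump.example.org` and `inner.example.org` are placeholders.

```ssh_config
# Added example (not from the original post); host names are placeholders.

# Agent forwarding off by default: an intermediate host that can reach
# the forwarded agent socket can use every loaded key.
Host *
    ForwardAgent no

# The jump host only relays a TCP stream; it never sees the agent.
Host jump.example.org
    ForwardAgent no

# The inner host is reached through the jump host, but the SSH session
# itself is established from the local machine, so key signing requests
# go straight to the local agent and are never forwarded.
Host inner.example.org
    ProxyCommand ssh -W %h:%p jump.example.org
    ForwardAgent no
```

On OpenSSH 7.3 and later the `ProxyCommand ssh -W ...` line can be written as `ProxyJump jump.example.org`; the effect is the same, with the host key of the inner host still checked locally against `known_hosts`.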

