Is it good for agent forwarding to create a socket in /tmp/

Dustin Lundquist dustin at null-ptr.net
Thu Nov 2 01:58:49 AEDT 2017


OpenSSH takes at least two precautions to protect against other users
connecting to the agent forwarding socket. First, it creates a temporary
subdirectory for each socket; this directory has permissions drwx------.
This is because BSDs and Linux differ in how they handle permissions on a
UNIX socket itself (1). Second, it validates the identity of the process
connecting to the auth socket (2).

Hope this helps,


Dustin Lundquist


[1] https://unix.stackexchange.com/questions/83032/which-systems-do-not-honor-socket-read-write-permissions
[2] https://github.com/openssh/openssh-portable/blob/9f0e44e1a0439ff4646495d5735baa61138930a9/ssh-agent.c#L796-L806

On Wed, Nov 1, 2017 at 3:26 AM, tran dung <trandung0101 at gmail.com> wrote:

> Hi
>
> After logging in to a remote server with ForwardAgent enabled, sshd on the
> remote server creates a socket at /tmp/ and permission is 0755/srwxr-xr-x.
>
> What is the reason to allow everyone to read this socket?
> Also, is it better to save this socket in /home/user/.ssh/?
>
>
> Best Regards
> -----------------------
> Tran Dung
>

