Proposal for hardening agent forwarding

James Bottomley James.Bottomley at
Sun Mar 14 04:14:21 AEDT 2021

On Fri, 2021-03-12 at 07:00 +0000, Mitchell Blank Jr wrote:
> Hello.
> This week I've been experimenting with some hardening of the agent-
> forwarding process.  I know there have been other proposals in the
> past, but I thought I'd share what I have in case they are of any
> upstream interest.
> For easier review (and to spare your inboxes) I just opened it as a
> PR on the openssh-portable github mirror here: 
> In short it's similar functionality to Timo Weingärtner's ssh-agent-
> filter tool that many are probably already familiar with, but
> integrated directly into the openssh client.
> I just did this for my own use-case, but if some of it is interesting
> as an upstream addition feel free to re-use whatever parts you want.

Filtering the keys by connection would block my usual use case: bastion
hosts that only do rsa.  My TPM is pretty slow at RSA so I usually use
ecdsa for the onward connection to make the total time to connect to
the interior host vaguely bearable.

If -c enough, what about logging all connections so you can verify
after the fact you weren't hacked ... a sort of transparency log
approach which is very popular today?


More information about the openssh-unix-dev mailing list