[Bug 2472] Add support to load additional certificates

bugzilla-daemon at bugzilla.mindrot.org
Thu Feb 22 02:45:01 AEDT 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2472

Jakub Jelen <jjelen at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jjelen at redhat.com

--- Comment #15 from Jakub Jelen <jjelen at redhat.com> ---
> > but IMO users shouldn't be able to add keys to an agent *without*
> > presenting their private section.
> 
> Can you elaborate a little more on this? Do you see a security risk?

If the server accepted such a key, it would be a big security issue
of that server. I believe it is just good practice to also make the
client applications sane, so that they do not allow a potentially
broken/breaking configuration. You can send the public key/certificate
tests but you really cannot authenticate without the private
counterpart.

Thank you for the work on the patch. It sounds like a useful feature to
do and support. But I am not sure if this is the best way to do
that. Your proposal about adding
SSH2_AGENTC_ADD_CERTIFICATE_CONSTRAINED sounds significantly better
even at the price of extending the protocol by one more message.

For the patch to be more acceptable, I believe a few test cases to verify
the general functionality would be good. There is already one
almost-working test with ssh-agent and the soft-pkcs11 module, but I
elaborated on it more in bug #2817, which is solving a different
problem of PKCS#11 support, but can be used as a reference for the test
cases.
