vulnerability with ssh-agent

Keld Jørn Simonsen keld at dkuug.dk
Sun Jul 18 03:00:10 EST 2004


On Sat, Jul 17, 2004 at 10:59:41AM -0500, Ben Lindstrom wrote:
> 
> 
> On Sat, 17 Jul 2004, Keld [iso-8859-1] Jørn Simonsen wrote:
> 
> > I have taken the sources and done a little hacking, and I noticed a
> > remark that the encryption of sensitive information in ssh-agent was a
> > "TODO". So somebody else than me, and with some status in the project,
> > enough to make comment on what to do, has also considered it a good
> > idea, to encrypt keys and other stuff.
> 
> You're misunderstanding the comment.  The comment is suggesting when
> ssh-agent is locked that all private data should be encrypted beyond
> setting the "locked" flag.
> 
> It is not an overall "keep everything encrypted that is private".

OK, sorry. What would be the difference between always keeping the data
encrypted, and only when it is locked? It would be the same data, if I
understand it correctly? I am looking for some obfuscation. I think,
currently, the keys can be obtained by a root intruder by just using a
standard debugger. I would like him to sweat a little.

Best regards
keld



