vulnerability with ssh-agent
Ben Lindstrom
mouring at etoh.eviladmin.org
Sun Jul 18 12:05:38 EST 2004
Sounds like ssh-agent coundn't talk to the askpass program for gnome/x11.
As a result ssh-agent returns a denied and ssh falls back to prompting you
for the passphrase of the key.
- Ben
On Sat, 17 Jul 2004, Keld [iso-8859-1] Jørn Simonsen wrote:
> Hi,
>
> Thanks for all your help on this.
>
> I tried out the ssh-add -c option, and well, it was a bit of a surprise.
> When later I used ssh to connect to a remote site, I was asked to enter
> the passphrase. Well, I should not really be surprised, but my whole
> exercise is to avoid typing in passwords, as this is easy for a
> keylogger to pick up.
>
> So would it not be more secure if there only was a kind of "yes"
> answer to be given? And also that the asking of the confirmation should
> be done by ssh-agent, not by ssh. I am not sure if that is done now.
>
> Best regards
> keld
>
More information about the openssh-unix-dev
mailing list