On Wednesday, December 4, 2019 8:44:18 PM MST Kevin Kofler wrote:
> How would that work? The shell runs on the server. The SSH agent runs on the
>  client, the only one that has the private key. How can the SSH agent know
> that it is talking to your "fake shell" and not to an attacker's fake "fake
> shell"? This needs to be part of the protocol, not hacked onto it. 

The very same way that it already knows when it's talking to `ssh` on a remote 
server. You've already verified the fingerprint, either manually or using DNS.

-- 
John M. Harris, Jr.
Splentity

_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org

Reply via email to