Another way to avoid the ssh agent intrusion is to use TCP tunneling through
SSH. Then the intermediate host is only used for TCP connection bridging, but
all the authentication is happening outside of your jumphost.
- Original Message -
From: Stanislav Sinyagin ssinya...@yahoo.com
From: Jeroen Massar jer...@unfix.org
On 2 Jun 2012, at 05:49, Stanislav Sinyagin ssinya...@yahoo.com
wrote:
When I'm logged in to the VPS, I can do
ssh -A ssinyagin@1.2.3.4
With this command, the server 1.2.3.4 authenticates me through my public
key, and the VPS acts as the SSH agent proxy. So, if that server has my
public key in .ssh/authorized_keys, I'm easily in, and no security breach on
the VPS would affect my security.
Unless the attacker is on the jumpbox as root, as then they can also forward
in the same way, but this should not happen of course ;)
Yes, in theory if the attacker is logged in as root, then during my SSH
session they may make an SSH connection using my credentials. But it would be
difficult to stay unnoticed, and it's only possible while I'm logged in.
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
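The two setups discussed in this thread, as an added example that is not part of the original messages: a constructed client config with agent forwarding to the jump host next to TCP tunneling through it, plus a small audit function that lists the blocks where forwarding is still enabled. The host aliases and vps.example.net are assumptions; 1.2.3.4 and the user name come from the thread.

```shell
#!/bin/sh
# Constructed sample ~/.ssh/config (aliases and vps.example.net are made up).
sample_config() {
cat <<'EOF'
# Agent forwarding: root on the VPS can use the forwarded agent socket
# for as long as this session stays open.
Host vps-agent
    HostName vps.example.net
    ForwardAgent yes

# Same jump host, no agent exposed to it.
Host vps-plain
    HostName vps.example.net
    ForwardAgent no

# TCP tunneling: the VPS only relays bytes to 1.2.3.4 port 22; the key
# exchange and public-key authentication run end to end from the workstation.
Host target
    HostName 1.2.3.4
    User ssinyagin
    ProxyCommand ssh -W %h:%p vps-plain
    ForwardAgent no
EOF
}

# Read ssh_config text on stdin and print every Host/Match block that
# enables agent forwarding (any ForwardAgent value other than "no").
# Simplification: blocks are reported one by one; ssh itself applies the
# first value that matches a host, so a flagged block deserves a manual look.
hosts_forwarding_agent() {
    awk '
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }
        $0 == "" || /^#/ { next }
        {
            line = $0
            sub(/[ \t]*=[ \t]*/, " ", line)      # accept "Keyword=value"
            split(line, f, /[ \t]+/)
            key = tolower(f[1])
            if (key == "host" || key == "match") {
                block = line
            } else if (key == "forwardagent" && tolower(f[2]) != "no") {
                print (block == "" ? "(global)" : block)
            }
        }
    '
}

sample_config | hosts_forwarding_agent
```

Run against a real config with `hosts_forwarding_agent < ~/.ssh/config`; with the `target` stanza in place, `ssh target` connects through the VPS without `-A`.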