I saw a blurb in the Debian docs about only enabling
ssh-agent port forwarding if you are certain of the
security of the remote host, due to possible attacks
by root at the remote end.

I think the idea is that root could
presumably send authentication requests back to
my ssh-agent and be authenticated for services
that are only for me.

I consider this a good argument for disabling
ssh-agent port forwarding. However, I think
a compromise could be reached which would make
me, and probably others, quite comfortable.
I'd like to know what others think about the security
and/or usefulness of this scheme:

ssh-agent prompts for confirmation before authenticating
anything that came from a remote port forward. It doesn't
have to prompt for a passphrase, just a "yes/no" confirmation
of whether I want to perform an authentication. If I am
not attempting to log in anywhere else, and that confirmation
suddenly pops up, then I would know that something is amiss.

Or maybe I'm overestimating the usefulness of forwarding the
agent's port. Is that only needed in a multi-hop scenario,
so that if I always went direct from my originating box
to a destination I don't ever need it?

Thanks for your thoughts.

-Rob
--
Robert W. Brewer
Jesus rules!
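
The confirmation scheme proposed above, sketched as an added example (not part of the original post and not OpenSSH's code): a gate that sits in front of an agent, parses the agent wire format, and asks before any signing request that arrived over a forwarded connection. The `gate` function, its `from_forward` flag and the `confirm` callback are hypothetical names, and the sample messages are constructed.

```python
import struct

# Message numbers from the SSH agent protocol.
SSH_AGENT_FAILURE = 5
SSH_AGENTC_REQUEST_IDENTITIES = 11
SSH_AGENTC_SIGN_REQUEST = 13


def frame(payload: bytes) -> bytes:
    """Agent wire format: uint32 big-endian length, then the payload."""
    return struct.pack(">I", len(payload)) + payload


def read_string(buf: bytes, off: int):
    """Read one length-prefixed string; raise ValueError if truncated."""
    if off + 4 > len(buf):
        raise ValueError("truncated length")
    (n,) = struct.unpack_from(">I", buf, off)
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("truncated string")
    return buf[off + 4:end], end


def gate(request: bytes, from_forward: bool, confirm):
    """Return None to pass the request on to the real agent, or a framed
    SSH_AGENT_FAILURE reply to refuse it. `confirm` is a hypothetical
    callback (key_blob -> bool) standing in for the yes/no prompt."""
    failure = frame(bytes([SSH_AGENT_FAILURE]))
    try:
        if len(request) < 5 or \
                struct.unpack_from(">I", request)[0] != len(request) - 4:
            raise ValueError("bad frame")
        if request[4] != SSH_AGENTC_SIGN_REQUEST or not from_forward:
            return None  # listing keys, or a local request: no prompt
        key_blob, off = read_string(request, 5)
        _data, off = read_string(request, off)
    except ValueError:
        return failure  # malformed input is refused, never forwarded
    return None if confirm(key_blob) else failure


# Constructed sample messages (not captured traffic).
LIST_KEYS = frame(bytes([SSH_AGENTC_REQUEST_IDENTITIES]))
SIGN = frame(bytes([SSH_AGENTC_SIGN_REQUEST])
             + frame(b"constructed-key-blob") + frame(b"session-data")
             + struct.pack(">I", 0))
```

OpenSSH offers a per-key form of this prompt: a key loaded with `ssh-add -c` requires confirmation each time the agent is asked to sign with it.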