From owner-freebsd-security  Thu May 31 19:23:32 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mail.webmonster.de (datasink.webmonster.de [194.162.162.209])
	by hub.freebsd.org (Postfix) with SMTP id A362637B422
	for <freebsd-security@FreeBSD.ORG>; Thu, 31 May 2001 19:23:26 -0700 (PDT)
	(envelope-from karsten@rohrbach.de)
Received: (qmail 93110 invoked by uid 1000); 1 Jun 2001 02:23:47 -0000
Date: Fri, 1 Jun 2001 04:23:47 +0200
From: "Karsten W. Rohrbach" <karsten@rohrbach.de>
To: Crist Clark <crist.clark@globalstar.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Apache Software Foundation Server compromised, resecured. (fwd)
Message-ID: <20010601042347.C90738@mail.webmonster.de>
Mail-Followup-To: "Karsten W. Rohrbach" <karsten@rohrbach.de>,
	Crist Clark <crist.clark@globalstar.com>,
	freebsd-security@FreeBSD.ORG
References: <Pine.BSF.4.21.0105311727160.66343-100000@pogo.caustic.org> <3B16E7D9.3E9B78FF@globalstar.com> <20010601031131.K85717@mail.webmonster.de> <3B16F3DD.E57AF761@globalstar.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="O3RTKUHj+75w1tg5"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <3B16F3DD.E57AF761@globalstar.com>; from crist.clark@globalstar.com on Thu, May 31, 2001 at 06:46:05PM -0700
X-Arbitrary-Number-Of-The-Day: 42
X-URL: http://www.webmonster.de/
X-Disclaimer: My opinions do not necessarily represent those of my employer
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


--O3RTKUHj+75w1tg5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Crist Clark(crist.clark@globalstar.com)@2001.05.31 18:46:05 +0000:
> "Karsten W. Rohrbach" wrote:
> >=20
> > Crist Clark(crist.clark@globalstar.com)@2001.05.31 17:54:49 +0000:
> > > *sigh*
> > >
> > > You cannot 'record passphrases.' RSA authentication uses public key
> > > cryptography. The client, the person logging in, proves it knows a
> > > secret, the private key, without ever revealing it to the server who
> > > only knows the public key.
> > >
> > *sigh*
> >=20
> > fopen() does not have rsa support (thank god)
> > btw, the ssh-agent(1) holds the _decrypted_ key you opened with
> > ssh-add(1), entering your passphrase that went via a fd from ssh-askpass
> > to ssh-add.
>=20
> Yep. It does. So?
if you ssh to the untrusted box, have your .ssh/identity there (no good
practice but a lot of people do it) ssh asks you to enter the
passphrase. with a modified ssh binary an attacker would have the=20
passphrase. thus, he could obtain the decrypted identity/key.

>=20
> > > The use of public key crypto allows you to log into potentially
> > > untrusted servers without revealing your secret.
> > hopping a host you got to take care of the ssh binary handling your
> > auth token connecting to another - untrusted - server. thus, the binary
> > is also potentially untrusted.
> > also the ssh ForwardAgent option is potentially dangerous, then.
> > portforwarding, too.
>=20
> You misunderstand what agent forwarding is. Your private RSA key does
> NOT leave your local machine. Agent forwarding means that remote requests
> for the agents help will be forwarded to the local machine. When you
> are logged into a remote machine and do some action that requires the
> agent's help, the data is forwarded to the local agent, it does whatever
> magic is done, and the result of the action is passed back along to=20
> the remote machine. Note, the _result of the action_ is passed along,
> your private key is NOT passed to the remote server.
>=20
> Read the Ylonen SSH draft, specifically the section, "The Authentication=
=20
> Agent Protocol," for details.
reading the source, i see that the agent itself does all the signing. i
should have looked into ssh-agent.c first :-)
in this case, agent forwarding has the preference over storing crypted
identity on a remote host *grin*

anyway, portforwarding could at least lead to session dos attacks i think.

/k

--=20
> "Niklaus Wirth has lamented that, whereas Europeans pronounce his name
> correctly (Ni-klows Virt), Americans invariably mangle it into
> (Nick-les Worth).  Which is to say that Europeans call him by name, but
> Americans call him by value."
KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie
http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.n=
et/
karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE  DF22 3340 4F4E 2964 B=
F46

--O3RTKUHj+75w1tg5
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7FvyzM0BPTilkv0YRAp6RAJ9C5SU/JfelAwgGimnBhniM25VIQACdG2PS
45KhSQW05oH6itGcXES03xo=
=gTZv
-----END PGP SIGNATURE-----

--O3RTKUHj+75w1tg5--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message