Date: Fri, 1 Jun 2001 01:21:33 -0700
From: Michael Han <mikehan@mikehan.com>
To: Crist Clark <crist.clark@globalstar.com>
Cc: security@FreeBSD.org
Subject: Re: Apache Software Foundation Server compromised, resecured. (fwd)
Message-ID: <20010601012133.A1203@giles.mikehan.com>
In-Reply-To: <3B16FD12.B1F251C8@globalstar.com>; from crist.clark@globalstar.com on Thu, May 31, 2001 at 07:25:22PM -0700
References: <Pine.BSF.4.21.0105311727160.66343-100000@pogo.caustic.org> <3B16E7D9.3E9B78FF@globalstar.com> <20010531183732.B12216@xor.obsecurity.org> <3B16F492.128CB8B0@globalstar.com> <20010531191001.A12808@xor.obsecurity.org> <3B16FD12.B1F251C8@globalstar.com>

On Thu, May 31, 2001 at 07:25:22PM -0700, Crist Clark wrote:
> Kris Kennaway wrote:
> >
> > On Thu, May 31, 2001 at 06:49:06PM -0700, Crist Clark wrote:
> > > Kris Kennaway wrote:
> > > >
> > > > On Thu, May 31, 2001 at 05:54:49PM -0700, Crist Clark wrote:
> > > >
> > > > > *sigh*
> > > > >
> > > > > You cannot 'record passphrases.' RSA authentication uses public key
> > > > > cryptography. The client, the person logging in, proves it knows a
> > > > > secret, the private key, without ever revealing it to the server who
> > > > > only knows the public key.
> > > >
> > > > The ssh client on the sourceforge machine was trojaned;
> > >
> > > A lot of people SSH _out_ of the sourceforge machine(s)? And they do
> > > so by typing a passphrase on that machine as opposed to agent forwarding?
> >
> > Apparently so.
> >
> > I believe agent forwarding still exposes the problem: it basically
> > sets up a trust relationship with the remote system which allows
> > processes running as you on the target machine to access the keys
> > stored in the original ssh-agent on your source machine.
> >
> > i.e. in order to authenticate from the second machine to a third when
> > agent forwarding is enabled from machine one to machine two, the
> > second client requests a copy of your decrypted credentials which are
> > stored in the ssh-agent on the first, and uses them as it pleases
> > (ideally, only to authenticate -- once, and according to your
> > directions -- with the third system).
>
> According to the documentation, this is NOT how the agent forwarding
> works. The second client passes data, typically a challenge, back to
> machine one, where the agent does its thing with the private key
> material, then passes the decrypted challenge information back to
> machine two.
>
> [snip]

Crist, I believe your analysis is correct WRT decrypted keys or
passphrases *not* being available except by compromising the
originating client hosting the first ssh-agent in a chain.

However, Kris is correct, as I understand agent forwarding, in that if
you forward your agent from trusted host A to untrusted host B, a
rogue superuser on B could copy your SSH_AUTH_SOCK environment and
begin passing RSA key requests back to your agent on A. There *is* a
vulnerability introduced by forwarding your agent to an untrusted
host, which is why I do not usually forward my agent.

I try to give my understanding of these issues in
http://www.mikehan.com/ssh/security.html

-- 
mikehan@mikehan.com
http://www.mikehan.com/
coffee achiever
San Francisco, California
A closed mouth gathers no foot
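
The precaution described in the message above, forwarding the agent only to hosts you trust, can be checked against an OpenSSH client configuration. The following is an added example, not part of the original message or thread: a Python audit that resolves the effective ForwardAgent setting per host using ssh_config's first-value-wins rule. The sample configuration, host names and function names are constructed for illustration; Match and Include directives are assumed out of scope.

```python
import fnmatch

# Constructed sample ~/.ssh/config; host names are illustrative only.
SAMPLE_CONFIG = """\
Host *
    ForwardAgent yes
Host shell.example.net
    ForwardAgent no
Host build.internal.example
    ForwardAgent yes
"""

def host_matches(patterns, hostname):
    """Host rule: a positive pattern must match and no negated one may.
    fnmatch approximates ssh patterns (ssh itself only knows * and ?)."""
    positive = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(hostname, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(hostname, pat):
            positive = True
    return positive

def effective_forward_agent(config_text, hostname):
    """True if ForwardAgent ends up enabled for hostname.
    ssh_config keeps the first value obtained for a keyword, so an early
    'Host *' block overrides a later, more specific block."""
    active = True  # options before the first Host line apply to every host
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split()
        keyword, args = parts[0].lower(), parts[1:]
        if keyword == "host":
            active = host_matches(args, hostname)
        elif keyword == "match":
            active = False  # assumption: Match blocks are not evaluated here
        elif keyword == "forwardagent" and active and args:
            return args[0].lower() != "no"  # a socket path or $VAR also enables it
    return False  # OpenSSH default is "no"

def audit(config_text, hosts, trusted):
    """Hosts that would receive a forwarded agent but are not in trusted."""
    return [h for h in hosts
            if h not in trusted and effective_forward_agent(config_text, h)]
```

With the sample configuration, `shell.example.net` is reported even though its own block says `ForwardAgent no`, because the earlier `Host *` block is read first; placing specific blocks before `Host *` and setting `ForwardAgent no` there closes the gap.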