Date: Fri, 1 Jun 2001 10:29:17 +0200 From: Borja Marcos <borjamar@sarenet.es> To: freebsd-security@freebsd.org Subject: Re: Apache Software Foundation Server compromised, resecured. (fwd) Message-ID: <01060109230204.87883@borja.sarenet.es> In-Reply-To: <20010531191001.A12808@xor.obsecurity.org> References: <Pine.BSF.4.21.0105311727160.66343-100000@pogo.caustic.org> <3B16F492.128CB8B0@globalstar.com> <20010531191001.A12808@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday 01 June 2001 04:10, you wrote: > I believe agent forwarding still exposes the problem: it basically > sets up a trust relationship with the remote system which allows > processes running as you on the target machine to access the keys > stored in the original ssh-agent on your source machine. > > i.e. in order to authenticate from the second machine to a third when > agent forwarding is enabled from machine one to machine two, the > second client requests a copy of your decrypted credentials which are > stored in the ssh-agent on the first, and uses them as it pleases > (ideally, only to authenticate -- once, and according to your > directions -- with the third system). Are you sure? I understand that the challenge encryption is done at the first system (by the authentication agent) and the private key is *not* sent to anywhere. If that were the case, the authentication agent would have no useful purpose! Of course, a problem remains; it might be possible to start connections from the second system to the third using the forwarded authentication, but the use of an external device storing the keys would make it more difficult. Borja. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01060109230204.87883>