On 13.09.2008 at 11:36, Stuart Henderson wrote:

> Not always. You might connect to another machine and connect
> out again from there.

You could directly connect from your machine to the other machine. You
might bring the argument that you can't get a direct connection, but
for that purpose, SSH tunneling exists.

> Of course there are some times ssh-agent is reasonably safe
> and useful. There are other times it isn't. "RTFM first" -
> you mean the one which says "This method is easily abused by
> root or another instance of the same user"?

Sorry, I assumed that you own the machine you ssh to and are root
there. Sure, if it's not your machine, root could get a security
issue. But root could also give you a version of ssh that has
backdoors. So ssh-agent wouldn't be the concern. If I don't trust
root, I wouldn't use that machine at all! And never even think about
sshing from there to somewhere else!

That "RTFM first" was about the fact that you type the password locally and
that ssh-agent exists. Sorry, your reply seemed like you didn't know how
ssh and ssh-agent work.

> There is also the case that in some jurisdictions you can be
> required to hand over encryption keys. Some people might prefer
> to use passwords instead of encrypted certificates when they
> connect to certain hosts.

I don't know a single country where you are forced to hand over keys,
but not to hand over passwords.

--
Jonathan
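As an added illustration of the alternative Jonathan describes (tunnelling through the intermediate host instead of running ssh from it), and not code from the original thread: a small POSIX shell helper that emits an ssh_config stanza using ProxyJump with agent forwarding disabled, plus an audit that lists every Host block in a config that still enables ForwardAgent, the setting the man page warns root on the intermediate machine can abuse. Hostnames are placeholders, and ProxyJump assumes OpenSSH 7.3 or later.

```shell
#!/bin/sh
# Added example, not part of the original mailing-list thread.
# "bastion.example" and "internal.example" below are placeholder names.

# Print an ssh_config stanza that reaches $2 by hopping through $1.
# With ProxyJump the intermediate host only relays a TCP stream; the
# second SSH session is authenticated end to end from the local client,
# so the private key and the agent never have to be exposed on the hop
# and ForwardAgent can stay off.
tunnel_stanza() {
    jump="$1"
    target="$2"
    printf 'Host %s\n    ProxyJump %s\n    ForwardAgent no\n' "$target" "$jump"
}

# Audit an ssh_config file ($1): print the name of every Host block (or
# "(global)" for settings before the first Host line) that sets
# "ForwardAgent yes". Exit status 1 if any were found, 0 otherwise.
# Handles the optional "key=value" spelling and skips comment lines.
forwarding_hosts() {
    awk '
        BEGIN { host = "(global)" }
        /^[ \t]*#/ { next }
        { gsub(/=/, " ") }
        tolower($1) == "host" { host = $2 }
        tolower($1) == "forwardagent" && tolower($2) == "yes" {
            print host
            found = 1
        }
        END { exit found ? 1 : 0 }
    ' "$1"
}
```

Run `forwarding_hosts ~/.ssh/config` to see which hosts would hand your agent to the remote side, and `tunnel_stanza bastion.example internal.example >> ~/.ssh/config` to add a hop that does not.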
