Re: S/Key & OPIE Database Vulnerability

From: Jordan Ritter (jpr5at_private)
Date: Thu Jan 27 2000 - 11:47:45 PST

  • Next message: der Mouse: "Re: Future of s/key (Re: S/Key & OPIE Database Vulnerability)"

    On Thu, 27 Jan 2000, Eivind Eklund wrote:
    
    # You don't get the same effect by using ssh RSA authentication, partly
    # you either have
    # (1) Users that key in the passphrase each time they connect to the
    #     server
    # OR
    # (2) Agent forwarding, which means that if any computer they have an
    #     account on is compromised, so is your box.
    
    I don't see how 2 can be true, at least by default.  For agent-forwarding to
    give an attacker a useful advantage against the originating host, that
    host would have to both be running sshd, and have the public key specified
    in that particular user's known_hosts.  If your configuration satisfies
    those requirements, then you shouldn't be using RSA in the first place
    because you're an accident waiting to happen.  For all hosts configured to
    forward agent requests (default) and have the public key present, sure,
    consider them all compromisable if someone hijacks a session on one of
    your hosts.
    
    As an aside, automatic agent forwarding does have a few hidden pitfalls,
    though, like forwarding authentication across hosts that didn't use it:
    
    A(source) -> B(pubkey present, agent used)
    B         -> C(pubkey missing or different, normal passauth used)
    C         -> D(pubkey present, connection still forwarded)
    
    Not sure, but this might still work even if RSAAuth is disabled on C.
    
    Don't know if OpenSSH behaves the same way, but I've heard arguments about
    why this can be good as well as bad.  Caveat Emptor, I guess.
    
    
    Jordan Ritter
    RAZOR Security
    BindView Corporation
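
The A -> B -> C -> D chain in the post above comes down to the client's ForwardAgent setting on each hop: a forwarded agent is just a socket on the intermediate host (SSH_AUTH_SOCK), and the client there forwards it onward according to its own config, regardless of how that hop itself authenticated. The script below is an added example, not code from the original post or from any ssh distribution. It audits a constructed ssh_config for the hosts that will receive the agent, and contrasts a catch-all "ForwardAgent yes" with a config that confines forwarding to the one host that needs it. The host names and both configs are placeholders invented for the example; it assumes the simple case where the wildcard "Host *" block comes last, so it acts as a default. In OpenSSH, ForwardAgent defaults to no on the client and sshd has AllowAgentForwarding on the server side.

```shell
#!/bin/sh
# Added example, not from the original post or any ssh distribution.
# Audits an ssh_config for hosts the client will forward its agent to,
# i.e. hops that become a "C" in the A -> B -> C -> D chain, then shows
# the same config with forwarding confined to the one host that needs it.
# Both configs are constructed for this example; host names are placeholders.

# Print, space-separated, the Host blocks whose effective ForwardAgent is yes.
# ssh keeps the first value it finds for an option, so a wildcard block only
# acts as a default when it comes last; a block with no ForwardAgent line then
# inherits from "Host *".  When nothing sets it at all, OpenSSH's own default
# is no, which is what this function assumes.
forwarding_hosts() {
    awk '
        tolower($1) == "host"         { host = $2; order[++n] = host; fa[host] = "" }
        tolower($1) == "forwardagent" { fa[host] = tolower($2) }
        END {
            def = (fa["*"] == "") ? "no" : fa["*"]
            out = ""
            for (i = 1; i <= n; i++) {
                h = order[i]
                if (h == "*") continue
                v = (fa[h] == "") ? def : fa[h]
                if (v == "yes") out = (out == "") ? h : out " " h
            }
            print out
        }'
}

# Weak: a catch-all "ForwardAgent yes".  C is reached with a password, yet the
# agent socket still rides along to C and is forwarded on to D from there.
WEAK_CONFIG='
Host B
    HostName b.example.invalid
    ForwardAgent yes

Host C
    HostName c.example.invalid
    PubkeyAuthentication no

Host D
    HostName d.example.invalid
    ForwardAgent no

Host *
    ForwardAgent yes
'

# Corrected: forwarding is off by default and enabled only for B.
FIXED_CONFIG='
Host B
    HostName b.example.invalid
    ForwardAgent yes

Host C
    HostName c.example.invalid
    PubkeyAuthentication no

Host D
    HostName d.example.invalid

Host *
    ForwardAgent no
'

weak_forwarding_hosts()  { printf '%s\n' "$WEAK_CONFIG"  | forwarding_hosts; }
fixed_forwarding_hosts() { printf '%s\n' "$FIXED_CONFIG" | forwarding_hosts; }

echo "weak config forwards the agent to:  $(weak_forwarding_hosts)"
echo "fixed config forwards the agent to: $(fixed_forwarding_hosts)"
```

Run it against a real ~/.ssh/config by replacing the embedded sample with the file's contents (for example `forwarding_hosts < ~/.ssh/config`); any host listed that is not one you trust to hold your agent socket is a hop where a compromised account can use your keys for as long as the session lasts. On the server side the matching control is AllowAgentForwarding in sshd_config, which stops the forwarded socket from being created on that host at all.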
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:32:01 PDT