
Re: Signing Packages.gz



Julian Gilbey <J.D.Gilbey@qmw.ac.uk> writes:

> On my home machine, I have an identity in .ssh/identity.pub.
> I copied that into .ssh/authorized_keys on master (possibly using the
> LDAP system).
> I *also* copied it into .ssh/authorized_keys on my home machine.
> 
> That extra copy on my home machine (somehow) allows root to snoop my
> identity and so get into my home machine without a password.

This is only possible if you used ssh-agent at some point, and had
"agent forwarding" turned on at this time (this may be turned on by
default). If you never use the agent, you're not at risk.

> Solution: remove the identity from .ssh/authorized_keys on my home
> machine.

Note that *any* keys that your agent holds can be snarfed by the
admin(s) of any hosts where you ssh-in with agent forwarding enabled.

-- 
Robbe
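
An added example, not part of the original message: a shell check that lists which blocks of an ssh client configuration turn on the agent forwarding discussed above. The function names, host names and sample configuration are constructed for illustration.

```shell
#!/bin/sh
# List the Host/Match blocks of an ssh_config-style file that enable
# agent forwarding. Reads the files given as arguments, or stdin.
forwarding_blocks() {
    awk '
        BEGIN { block = "(global)" }          # options before any Host line
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }
        /^#/ || /^$/ { next }                 # skip comments and blank lines
        {
            # keyword and value are separated by whitespace or "="
            match($0, /^[^ \t=]+/)
            key = tolower(substr($0, 1, RLENGTH))
            val = substr($0, RLENGTH + 1)
            sub(/^[ \t]*=?[ \t]*/, "", val)
            gsub(/"/, "", val)
            if (key == "host")  { block = "Host " val;  next }
            if (key == "match") { block = "Match " val; next }
            # any value other than "no" (yes, a socket path, a variable
            # name) makes the agent reachable from the remote host
            if (key == "forwardagent" && tolower(val) != "no")
                print block
        }
    ' "$@"
}

# Constructed sample configuration (hypothetical host names).
sample_config() {
    cat <<'EOF'
# constructed sample, not a real configuration
Host bastion.example.org
    ForwardAgent yes
Host build.example.org
    forwardagent = no
Host *
    ForwardAgent=Yes
EOF
}

# Demonstration on the sample; for real use: forwarding_blocks ~/.ssh/config
sample_config | forwarding_blocks
```

For a single connection, `ssh -a` disables agent forwarding regardless of the configuration, and keys loaded with `ssh-add -c` require confirmation each time the agent is asked to use them.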

