On Wed, Nov 27, 2002 at 10:41:29PM -0500, Joey Hess wrote:
> That would still let root replace /usr/bin/gpg with such a program
> though. So something like this is of some value, but only manages to
> narrow the window that lets someone who has temporary access to, say, a
> laptop with an agent running and a passphrase entered, to such a laptop
> on which you have used sudo in the last 15 minutes. Correct me if I'm
I am a bit confused with this description, I don't think sudo comes
into it... sudo is rather different in fact (its timeout mechanism
closer, if anything, to that used in Kerberos, rather then ssh-agent).
The protocol in ssh-agent does not allow any process access the the
private key, rather it signs (or decrypts, depending on protocol
version) any data recieved with the users private key and outputs the
result. This is then used in turn by the ssh protocol to authenticate
you at the remote end of the connection.
So, while it would be possible for a cracker to use this to logon to a
remote system, it is not possible for him/her to steal your private key.
Yes, somebody could replace ssh-add with a Trojan horse, but also
consider this will only work if the attacker compromises the computer
running the ssh-agent, and not if the attacker compromises another
computer, say one which has a ssh-agent session forwarded from the
first computer. Or if somebody breaks into you user account, not the
SE-Linux would make this even better, eg. given a secure policy, an
attacker would not even be able to steal your encrypted private key
So, I can forward an ssh-agent from computer A to B, and I be sure that
no matter what happens on B, as long as the security on A is maintained,
when I disconnect the session nobody will have been able to copy my
private key (assuming of course the ciphers used are secure).
I would hope that gpg-agent follows similar principles...
This would mean that somebody with access to a gpg-agent could sign
and decrypt data at the time, but still not be able to steal your
Obviously the quintuple-agent doesn't, so anyone with access to it,
effectively has unrestricted access to your private key.
 My understanding at least of reading the ssh RFCs. This was years
ago, so I may have some of the details wrong (like signing vs
Brian May <firstname.lastname@example.org>