Re: doing an ssh into a compromised host
On Tue, 02 Nov 2004, martin f krafft wrote:
> If you forward your agent (-A, or ForwardAgent yes), then the
> attacker now probably has access to all machines where the SSH key
> you used has access.
This goes against what I know about the agent. The attacker could *try* to
access the agent when it was active (and if you are as paranoid as you
should be, you're using an agent that ASKS before doing any work).
It should not be possible to retrieve key material from the agent, ever. And
the whole setup should not be vulnerable to replay attacks when using
protocol 2 either.
Are you *completely* sure of what you are talking about?
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
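
An added example, not part of the original message: a small audit that reports whether `ForwardAgent` (the setting named in the quoted text) would be in effect for a given host, following OpenSSH's rule that the first value obtained for an option wins. The sample config and host names are constructed, and `Include` files, `Match` conditions and the `-A` command-line flag are assumed out of scope.

```python
import fnmatch
import re

# Constructed sample ssh_config; host names are made up for illustration.
SAMPLE_CONFIG = """\
Host bastion.example.org
    ForwardAgent no

Host *.example.org
    ForwardAgent yes

Host *
    ForwardAgent yes
    User admin
"""

def parse_blocks(text):
    """Return [(host_patterns, {option: value})] in file order."""
    blocks = [(["*"], {})]  # options before the first Host line apply to all hosts
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key in ("host", "match"):
            # Match blocks are not evaluated here: give them no patterns so they never apply.
            blocks.append((value.lower().split() if key == "host" else [], {}))
        else:
            blocks[-1][1].setdefault(key, value)  # first value in a block wins
    return blocks

def host_matches(host, patterns):
    """True if host matches a positive pattern and no negated ('!') pattern."""
    positive = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            positive = True
    return positive

def effective_forward_agent(text, host):
    """Return the ForwardAgent value ssh would use for host (default 'no')."""
    host = host.lower()
    for patterns, opts in parse_blocks(text):
        if "forwardagent" in opts and host_matches(host, patterns):
            return opts["forwardagent"].lower()
    return "no"  # OpenSSH default when nothing sets it
```

With the sample above, only the bastion is protected; the trailing `Host *` block forwards the agent to every other host, including ones outside `example.org`. For the agent that asks before each use, OpenSSH's `ssh-add -c` loads a key with confirmation required.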