also sprach Dariush Pietrzak <eyck@forumakad.pl> [2004.11.02.0947 +0100]: > > If you forward your agent (-A, or ForwardAgent yes), then the > > attacker now probably has access to all machines where the SSH key > > you used has access. > Is this indeed true? I was under an impression that ForwardAgent works more > in challenge-response fashion? Nope. It is true. Copy the appropriate /tmp/ssh* directory, chown it, set SSH_AUTH_SOCKET appropriately, and ssh away. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
Attachment:
signature.asc
Description: Digital signature