This is a discussion on Re: openssh-agent polling within the OpenSSH Development forums, part of the Networking and Network Related category.
On 09/17/07 00:47, Damien Miller wrote:
> On Sun, 16 Sep 2007, Jefferson Ogata wrote:
>
>> if [ -z "$SSH_AUTH_SOCK" ]
>> then
>>     for x in /tmp/ssh*/agent*
>>     do
>>         if [ -S "$x" -a -O "$x" ]
>>         then
>>             SSH_AUTH_SOCK="$x" ssh-add -l >/dev/null 2>&1
>>             if [ $? -ne 2 ]; then
>>                 SSH_AUTH_SOCK="$x"
>>                 export SSH_AUTH_SOCK
>>                 break
>>             fi
>>         fi
>>     done
>> fi
>
> This might connect you to a hostile ssh-agent that harvests your keys.

That's precisely what the -O "$x" is there to prevent.

--
Jefferson Ogata <Jefferson.Ogata@noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt@noaa.gov>
"Never try to retrieve anything from a bear."--National Park Service
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev
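
The socket discovery loop discussed above, as an added example that is not part of the original post: the `-S` and `-O` tests are kept, and, going beyond the quoted script, the socket's directory must also be owned by the caller and closed to group and other writes. The function names `dir_is_private`, `agent_sock_is_safe` and `find_agent_sock` are hypothetical, and the directory check is an assumption added here for defence in depth.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the original post.

# True if directory $1 is owned by us and not writable by group or others.
dir_is_private() {
    [ -d "$1" ] || return 1
    [ -n "$(find "$1" -prune -user "$(id -u)" ! -perm -020 ! -perm -002 2>/dev/null)" ]
}

# True if $1 is a socket (-S) owned by our effective UID (-O), as in the
# post, and sits in a private directory (extra check, an assumption).
agent_sock_is_safe() {
    [ -S "$1" ] && [ -O "$1" ] && dir_is_private "$(dirname "$1")"
}

# Print the first safe socket under $1 (default /tmp) on which an agent
# answers. ssh-add -l exits with status 2 when it cannot contact an agent.
find_agent_sock() {
    command -v ssh-add >/dev/null 2>&1 || return 1
    for x in "${1:-/tmp}"/ssh*/agent*; do
        agent_sock_is_safe "$x" || continue
        rc=0
        SSH_AUTH_SOCK="$x" ssh-add -l >/dev/null 2>&1 || rc=$?
        if [ "$rc" -ne 2 ]; then
            printf '%s\n' "$x"
            return 0
        fi
    done
    return 1
}

# Usage: reuse a running agent only when none is configured.
#   if [ -z "$SSH_AUTH_SOCK" ] && s=$(find_agent_sock); then
#       SSH_AUTH_SOCK="$s"; export SSH_AUTH_SOCK
#   fi
```

A candidate that fails any test is skipped before `ssh-add` ever connects to it, so no agent request is sent to a socket the caller does not own.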