On Thu, May 22, 2008 at 10:19:54AM -0500, Mike McGrath wrote:
> I know your private key doesn't touch the wire or remote system. But the
> agent creates a socket in /tmp/ssh-* and I'm worried someone with access
> to that socket could auth to other machines as the user.

The agent *isn't* forwarded by default; you need to use either -A on the
command line or ForwardAgent yes in the config. Of course nothing stops
users from enabling agent forwarding by default, but then again nothing
stops them from doing other stupid things with ssh keys; having passwordless
keys and keeping a copy of them in some insecure location is one of the
worst examples. For the people having agent forwarding enabled by default
you already have a problem with all the other machines that they connect
to anyway for their daily work/whatever.

Running a Kerberos server is a good alternative to ssh pubkey auth; you can
enforce centrally non-forwardable tickets if you want, so you can be sure
that other machines that the user authenticates with cannot connect back to
the Fedora servers.

Kostas Georgiou

_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
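One way to audit what a user's ssh_config actually does with the ForwardAgent setting discussed above, as an added example that is not part of the thread: ssh keeps the first value it obtains for a keyword, so a global "ForwardAgent yes" placed before the Host blocks silently overrides a later per-host "no". The two config layouts and the hostnames are constructed for the example.

```shell
#!/bin/sh
# Added example, not from the thread: resolve the ForwardAgent value that
# ssh would actually use for a host from ssh_config-style text. ssh keeps
# the FIRST value obtained for a keyword, and Host patterns are shell globs.
# Simplifications: no "Match" blocks and no "!" negated patterns.

# Constructed weak layout: the global "yes" comes first, so it wins even
# for bastion.example.org, whose own "no" is never reached.
WEAK_CONFIG='ForwardAgent yes

Host bastion.example.org
    ForwardAgent no
'

# Constructed hardened layout: the one host that needs forwarding is listed
# first; the catch-all "Host *" at the end turns it off everywhere else.
HARDENED_CONFIG='Host jump.internal.example.org
    ForwardAgent yes

Host *
    ForwardAgent no
'

# effective_forward_agent CONFIG_TEXT HOSTNAME -> prints "yes" or "no".
# Body runs in a subshell so "set -f" (stops "Host *" from expanding to
# file names in the current directory) does not leak to the caller.
effective_forward_agent() (
    set -f
    host=$2 value='' applies=1          # directives before any Host line apply to all
    while read -r key rest; do          # read strips the indentation for us
        case $(printf '%s' "$key" | tr 'A-Z' 'a-z') in
            ''|'#'*) ;;                 # blank line or comment
            host)
                applies=0               # a Host line may carry several patterns
                for pat in $rest; do
                    case $host in $pat) applies=1 ;; esac
                done ;;
            forwardagent)
                if [ "$applies" = 1 ] && [ -z "$value" ]; then
                    value=$(printf '%s' "$rest" | tr 'A-Z' 'a-z')
                fi ;;
        esac
    done <<EOF
$1
EOF
    printf '%s\n' "${value:-no}"        # ssh's built-in default is no
)

effective_forward_agent "$WEAK_CONFIG" bastion.example.org   # prints yes
```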