On Wednesday, December 4, 2019 8:44:18 PM MST Kevin Kofler wrote: > How would that work? The shell runs on the server. The SSH agent runs on the > client, the only one that has the private key. How can the SSH agent know > that it is talking to your "fake shell" and not to an attacker's fake "fake > shell"? This needs to be part of the protocol, not hacked onto it. The very same way that it already knows when it's talking to `ssh` on a remote server. You've already verified the fingerprint, either manually or using DNS. -- John M. Harris, Jr. Splentity _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
