Re: Host equivalence

From: John Brightwell (
Date: 04/28/03

  • Next message: Greg Wooledge: "Re: non commercial use"
    Date: Mon, 28 Apr 2003 10:04:36 +0100 (BST)

    On Thu, Apr 24, 2003 at 02:03:34PM +0100, John
    Brightwell wrote:
    > I had in mind that they could use RSA Authentication
    > to authenticate the admin's private key but then (if
    > they're dead keen on transparently moving to other
    > systems) they can somehow cache their key for
    > connecting to other systems.
    > I seem to recall sysadmins at other companies having
    > way of accomplishing this (using eval I think)

    Why not just use a key with a blank passphrase (so it
    doesn't prompt for a
    passphrase at all), and moving the key around to
    systems from which they want
    to be able to log in?


    The trouble with the above solution is that the key is
    then unprotected. Anyone that can gain access to the
    machine(s) which hold the key can potentially get the
    key (by booting to an alternate OS and trawling the
    disk). So this provides about the same security as
    using host authentication.

    The advantage with having the key 'cached' is that a
    rebooted client should hopefully lose the cached
    entry. So if anyone manages to compromise the machine
    that is used as a client there's a better chance that
    they won't be able to get to every other machine
    (still not as secure as requiring login at each host

    It looks like ssh-agent is the way to go (as suggested
    by one of the respondants).

    Sadly, I may be back to square-one because one of the
    sysadmins has informed me that they run multi-host
    backups initiated centrally and using scripts to shut
    down services (such as Oracle) prior to backup. These
    are scheduled and, therefore, cannot be tied to a
    sysadmin's shell (and cached key) :-(

    Yahoo! Plus
    For a better Internet experience

  • Next message: Greg Wooledge: "Re: non commercial use"