Re: Agent security (was Re: Secure file transfer from unix to windows)

From: UnixFan (gxy1997_at_yahoo.com.au)
Date: 10/28/03 

Date: 27 Oct 2003 23:20:24 -0800

Jacob Nevins <jacobn@chiark.greenend.org.uk> wrote in message news:<Jas*FIK5p@news.chiark.greenend.org.uk>...
> UnixFan <gxy1997@yahoo.com.au> writes:
> >ssh-agent does not give you adequate protection (one can use debugger
> >to retrieve the unlocked private key from ssh-agent: it's not that
> >difficult provided you know how to use debugger and understand C
> >code),
>
> I would have thought that if you're sharing a system with someone who
> has sufficient privilege to do this, and you don't trust them, then
> you're doomed in numerous other ways anyway. Is this not the case?

When you don't trust people who can use root account on your system,
you must not use file system permission as the only way to protect
your keys. But in this situation, you also should not assume ssh-agent
can provide you the required protection: IMO, ssh-agent is a wrong
program which should not exist in security package like SSH: when
other programs handling secret keys are trying to shorten the period
of unprotected keys in memory, ssh-agent is attracting users to let it
to store the unlocked private key in memory for malicious person to
retrieve it.

Relevant Pages

  • Re: Background process for ssh port forwarding
    ... Actually, an even better solution would be to set up public keys WITH a password, then ... simply use an "ssh-agent" to keep it in memory. ... since I'll need to log in to ssh servers with a password. ...
    (comp.lang.python)
  • Re: Apache Software Foundation Server compromised, resecured. (fwd)
    ... >> originating client hosting the first ssh-agent in a chain. ... >> forward your agent from trusted host A to untrusted host B, ... there is a sshd process on Host_B which is ... you used public keys and did not do agent forwarding, ...
    (FreeBSD-Security)
  • Re: Extreamly large Hashtable
    ... >>>I'm assuming that if it is in memory it will be faster then looking ... >>performance (unless it means that the keys' equals() and ... >>references to the objects, ... Even if the Map.Entry overhead is more ...
    (comp.lang.java.programmer)
  • Re: Agent security (was Re: Secure file transfer from unix to windows)
    ... > other programs handling secret keys are trying to shorten the period ... > of unprotected keys in memory, ssh-agent is attracting users to let ... The point is, though, that greater and greater security is not ...
    (comp.security.ssh)
  • Re: Encrypting passwords stored in memory
    ... > A recent security audit has raised the issue that these passwords ... > can be seen if a memory dump of the process is taken or it is ... I've built systems with encryption keys ... Instead use byte arrays, preferably multiple of them located in different ...
    (sci.crypt)