Subject: Re: ssh-agent and keys

Re: ssh-agent and keys

From: Henrik Nordström <henrik_at_henriknordstrom.net>
Date: Mon, 05 Dec 2011 02:14:15 +0100

sön 2011-12-04 klockan 19:13 -0500 skrev Ben Kibbey:

> I have a question about how to implement ssh-agent support in my
> program. Am I supposed to iterate over libssh2_agent_get_identity() and
> libssh2_agent_userauth() until a valid/correct key is found from the
> agent? It seems insecure if the remote host was somehow compromised
> since the SSH server may collect private keys for others hosts from the
> client.

You can not collect private keys from the agent. Only public keys. And
SSH servers never get the private key at all in any mode of operation,
only a signature which can be verified by using the public component of
the key.

A malicious server MAY collect the public component of any key you
advertise to them, no matter if this is from file or agent. But it is
your choice to select which keys you want to advertise of the available
ones.

Normal mode of operation is to iterate over all the available keys until
one is accepted. You can find an example of this in
example/ssh2_agent.c.

On the wire publickey authentication consists of two steps per key,
first the key fingerprint is sent to the server, and if it's
acceptable(known) to the server then a one-time signature is generated
and sent to the server together with the public key component.

Regards
Henrik

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2011-12-05