| Summary: | ssh doesn't auto-forward keys | ||
|---|---|---|---|
| Product: | Documentation | Reporter: | Vivek Khera <khera> |
| Component: | Books & Articles | Assignee: | dd <dd> |
| Status: | Closed FIXED | ||
| Severity: | Affects Only Me | ||
| Priority: | Normal | ||
| Version: | Latest | ||
| Hardware: | Any | ||
| OS: | Any | ||
State Changed From-To: open->analyzed

Fixed in -current, thanks!

Responsible Changed From-To: freebsd-doc->dd

My MFC reminder.

State Changed From-To: analyzed->closed

MFC'd, thanks.
The security man page says:

Ssh works quite well in every respect except that it forwards encryption keys by default. What this means is that if you have a secure workstation holding keys that give you access to the rest of the system, and you ssh to an unsecure machine, your keys becomes exposed. The actual keys themselves are not exposed, but ssh installs a forwarding port for the

This is no longer true; ssh on 4.3 systems doesn't do agent/key forwarding by default any more.
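An added example, not part of the original report or of the FreeBSD documentation: a small Python check that resolves which `ForwardAgent` value a client `ssh_config` yields for a given host, so a configuration that re-enables agent forwarding toward an untrusted machine can be spotted. The host names and the sample configuration are constructed; `Match` blocks are skipped and `fnmatch` is used as an approximation of ssh's pattern matching.

```python
import fnmatch
import re
import shlex

# Constructed sample client configuration, for illustration only.
SAMPLE_CONFIG = """\
Host bastion.example.org
    ForwardAgent yes

Host *.lab.example.org !build.lab.example.org
    forwardagent=yes

Host *
    ForwardAgent no
"""

def host_matches(patterns, hostname):
    """Host line semantics: a negated match vetoes, otherwise any positive match wins."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(hostname, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(hostname, pat):
            matched = True
    return matched

def effective_forward_agent(config_text, hostname):
    """Return the ForwardAgent value for hostname; the first obtained value wins."""
    active = True  # options before the first Host line apply to every host
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # keyword and arguments are separated by whitespace or by '='
        m = re.match(r"(\w+)(?:\s*=\s*|\s+)(.*)$", line)
        if not m:
            continue
        keyword, args = m.group(1).lower(), shlex.split(m.group(2))
        if keyword == "host":
            active = host_matches(args, hostname)
        elif keyword == "match":
            active = False  # Match blocks are not evaluated in this sketch
        elif keyword == "forwardagent" and active and args:
            return args[0].lower()
    return "no"  # default when nothing sets it: no agent forwarding
```

On a live system, `ssh -G <host>` prints the resolved client options, including `forwardagent`, and is the authoritative answer.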