On Tue, 02 Nov 2004, martin f krafft wrote:
> If you forward your agent (-A, or ForwardAgent yes), then the
> attacker now probably has access to all machines where the SSH key
> you used has access.

This goes against what I know about the agent. The attacker could *try* to access the agent when it was active (and if you are as paranoid as you should be, you're using an agent that ASKS before doing any work). It should not be possible to retrieve key material from the agent, ever. And the whole setup should not be vulnerable to replay attacks when using protocol 2 either.

Are you *completely* sure of what you are talking about?

--
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh