[Bug 2438] New: Warn about using ForwardAgent with all hosts

bugzilla-daemon Tue, 04 Aug 2015 14:12:57 -0700

https://bugzilla.mindrot.org/show_bug.cgi?id=2438


            Bug ID: 2438
           Summary: Warn about using ForwardAgent with all hosts
           Product: Portable OpenSSH
           Version: 6.9p1
          Hardware: Other
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: [email protected]
          Reporter: [email protected]

Just as OpenSSH warns if you have insecure permissions on your keys,
I'd suggest that OpenSSH should warn if you have an insecure setting of
ForwardAgent: if you have a global "yes" or a Host * "yes", OpenSSH
could warn and suggest a more host-specific setting.

For an example of how widespread this unsafe setting is:

https://github.com/search?utf8=%E2%9C%93&q=ForwardAgent&type=Code&ref=searchresults

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2438] New: Warn about using ForwardAgent with all hosts

Reply via email to