On Sat, Apr 02, 2005 at 05:08:35PM +0200, Boris von Alten Blaskowitz wrote:
> I have I bad feeling with the ssh-agent. For example:
> A intruder can send every kind of data(email text) during a user
> session to the ssh-agent and this will be signed .


Check out the -c parameter to ssh-add, -agent will verify each
signature when you add keys with it, however..


> Another is, that root kan switch to my account and has also access
> to my ssh-keys on the smartcard.


...if you do not trust the host system through which you are sending
your PIN code to the card, you should take care of that issue first.


//Peter

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listi...enssh-unix-dev