On Fri, 2006-09-29 at 11:11 +0200, Markus Friedl wrote:
> On Thu, Sep 28, 2006 at 12:17:17AM -0500, Steven Elliott wrote:
> > So my question is - Why doesn't ssh-agent default the location of the
> > socket file to some well known fixed secure location such as
> > $HOME/.ssh/agent?
>
> $HOME might be on a nfs server, so -a $HOME/.ssh/agent
> is not the default.


How is having the socket file on an NFS server a problem? I know that
other applications do it, such as evolution / spamd:
/home/sle/.evolution/cache/tmp/spamd-socket-path-bz4CuE

We at least assume that $HOME/.ssh is secure for ordinary files and
directories. Also, the namespace that has to do with applications
binding to socket files is per machine. So I don't see what harm would
be done by an untrusted machine binding to it.

But there is a problem with a socket file existing when the bind()
system call is run on it (it fails with EADDRINUSE). I tried modifying
ssh-agent.c to set SO_REUSEADDR on the socket just before binding to it,
and that did not help.

Maybe this is the problem you are referring to. Maybe what I suggested
could be amended to include the hostname in the name of the socket file.
Maybe it could just be placed in the /tmp directory as it currently is,
but with some fixed name if that location is available and it can be
secured.

Someone privately sent me an email suggesting that I just capture the
output of ssh-agent and source it later:
    ssh-agent -s > foo
    source foo
and I agree that will work, but my thought is that it would be nice to
do this once in ssh-agent rather than having various cron jobs, long
running daemons or whatever each trying to figure it out.

--
Steven Elliott
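
Added example, not part of the original message and not ssh-agent's own code: the fixed-path bind discussed above, written in C. It shows bind() failing with EADDRINUSE on an existing socket file whether or not SO_REUSEADDR is set, and replaces the file only when nothing is listening on it. The names make_addr, try_bind and bind_fixed_path are hypothetical, and the code assumes the socket's directory is writable only by its owner.

```c
#include <errno.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

static int make_addr(struct sockaddr_un *sa, const char *path) {
    if (strlen(path) >= sizeof(sa->sun_path)) { errno = ENAMETOOLONG; return -1; }
    memset(sa, 0, sizeof(*sa));
    sa->sun_family = AF_UNIX;
    strcpy(sa->sun_path, path);
    return 0;
}

/* One bind attempt; returns a listening fd, or -1 with errno from bind/listen. */
int try_bind(const char *path, int reuseaddr) {
    struct sockaddr_un sa;
    int fd, rc, saved, on = 1;
    mode_t old;
    if (make_addr(&sa, path) < 0 || (fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
        return -1;
    if (reuseaddr)   /* as the message reports, this does not change the outcome */
        setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
    old = umask(0177);   /* create the socket file owner-only (mode 0600) */
    rc = bind(fd, (struct sockaddr *)&sa, sizeof(sa));
    if (rc == 0) rc = listen(fd, 8);
    saved = errno;
    umask(old);
    if (rc == 0) return fd;
    close(fd);
    errno = saved;
    return -1;
}

/* Bind at a fixed path: leave a live listener alone, replace only a stale file. */
int bind_fixed_path(const char *path) {
    struct sockaddr_un sa;
    int fd, probe, rc, saved;
    if ((fd = try_bind(path, 0)) >= 0 || errno != EADDRINUSE)
        return fd;
    if (make_addr(&sa, path) < 0 || (probe = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
        return -1;
    rc = connect(probe, (struct sockaddr *)&sa, sizeof(sa));
    saved = errno;
    close(probe);
    if (rc == 0 || saved != ECONNREFUSED) {   /* live agent, or state unknown */
        errno = (rc == 0) ? EADDRINUSE : saved;
        return -1;
    }
    /* Stale file: the probe-then-unlink gap is why the directory must be owner-only. */
    return unlink(path) < 0 ? -1 : try_bind(path, 0);
}
```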