Re: agent draft (was Re: Secure Shell: Milestone Update.)

[Bill Sommerfeld <sommerfeld%sun.com@localhost>]

On Thu, 2005-03-17 at 08:01, Jacob Nevins wrote:
> | The client can add a new private key to the agent with the following
> | message. Using this message over the net has security implications, and
> | the implementation SHOULD warn the user before decryption or sending the
> | private key. (XXX how does ssh-add detect this condition?)
> 
> | XXX Additional key-types (for private keys), for example "ssh-rsa-
> | encrypted"?

Besides the XXX questions, there's a broader architectural question
involved with agent forwarding.

Namely, the SSH_AGENT_ADD_KEY request involves sending a valuable
private signature key with normally unbounded lifetime over the wire
protected only by SSH's underlying cryptographic channel.  This exposes
the private key far more than most protocols, and
precludes use of hardware tokens (such as smart cards) which allow
cryptographic operations to be requested without providing all users
with a copy of the key.

A couple possible alternatives:

 1) Some sort of proxy key arrangement such that the private keys don't
move and instead the signing requests move to the key rather than the
key move to the "root" agent.

 2) Some sort of ticket/certificate style arragement where the long term
key at a remote agent client is used to sign a certificate "delgating"
to a temporary agent key for a limited time.

 3) if the agent is the only trusted one and the remote system is not
trusted to see the cleartext private key, the key could be stored
remotely in encrypted form and decrypted
by the agent (using a passphrase or other means).  (very different use
model.)

There's also the "mission creep" question of whether the agent should
act as a proxy for other forms of authentication (gssapi/kerberos/...)

							- Bill