Re: agent draft (was Re: Secure Shell: Milestone Update.)

[Joseph Galbraith <galb-list%vandyke.com@localhost>]

Bill Sommerfeld wrote:
> On Thu, 2005-03-17 at 08:01, Jacob Nevins wrote:
>
> > | The client can add a new private key to the agent with the following
> > | message. Using this message over the net has security implications, and
> > | the implementation SHOULD warn the user before decryption or sending the
> > | private key. (XXX how does ssh-add detect this condition?)
> >
> > | XXX Additional key-types (for private keys), for example "ssh-rsa-
> > | encrypted"?
>
>
> Besides the XXX questions, there's a broader architectural question
> involved with agent forwarding.
>
> Namely, the SSH_AGENT_ADD_KEY request involves sending a valuable
> private signature key with normally unbounded lifetime over the wire
> protected only by SSH's underlying cryptographic channel.  This exposes
> the private key far more than most protocols, and
> precludes use of hardware tokens (such as smart cards) which allow
> cryptographic operations to be requested without providing all users
> with a copy of the key.
>
> A couple possible alternatives:
>
>  1) Some sort of proxy key arrangement such that the private keys don't
> move and instead the signing requests move to the key rather than the
> key move to the "root" agent.

Outside of the implementation specific issue of how to tell
the 'root' agent about key material, I believe the agent
protocol can operate in this mode.

If an implementation provides some other way to tell the agent
about key material and how to access it, the ADD_KEY command
is not necessary.

For example, the agent running on my local machine could be told
about my smart cards and private keys (through some implementation
specific means.)

Then, agent clients would send "SSH_AGENT_PRIVATE_KEY_OP" with
"sign" as the operation to the agent, which eventually gets
forwarded to my local agent, where it access the smart card
to make the signature.

Thanks,

Joseph