artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 489a69b) | patch
Use hostkey parsed from hostbound userauth request
authordjm <djm@openbsd.org>
Sun, 19 Dec 2021 22:13:55 +0000 (22:13 +0000)
committerdjm <djm@openbsd.org>
Sun, 19 Dec 2021 22:13:55 +0000 (22:13 +0000)
commit0960cd2f55df5ac343a54ab80b8e32032da7fd40
tree5296392abcfcf490483a2184d25a341056f92715tree | snapshot
parent489a69bc5a45b322256357b4feed992caccb7d59commit | diff
Use hostkey parsed from hostbound userauth request

Require host-bound userauth requests for forwarded SSH connections.

The hostkey parsed from the host-bound userauth request is now checked
against the most recently bound session ID / hostkey on the agent socket
and the signature refused if they do not match.

ok markus@
usr.bin/ssh/ssh-agent.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim