Bug 1876 (agent-context) - Requests to use keys held by the ssh-agent have no way of indicating their context
Status: NEW
Alias: agent-context
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh-agent
Version: 5.8p1
Hardware: All All
Importance: P2 enhancement
Assignee: Assigned to nobody
Reported: 2011-03-08 05:32 AEDT by Daniel Kahn Gillmor
Modified: 2012-07-06 19:03 AEST
Description Daniel Kahn Gillmor 2011-03-08 05:32:28 AEDT
When the ssh-agent receives a request to use one of the keys it holds, it gets no context information from the requesting system about what the key operation is to be used for.

My own typical workflow (as a user who actively monitors and confirms the use of my keys by the ssh-agent) is to just correlate things by time.  e.g. "i just did action X, so i expect key Y to be used right around now, so i'll say OK".

If there was a way to communicate the context of the use to the agent, so that the agent could relay that to the user in whatever notification or confirmation it provides, it would seem like a Good Thing.

If there was a way to do that with some measures of cryptographic reliability (e.g. so that a malicious client couldn't say "please make this signature for X" when it was actually intending to be used for Y), it would be even better.  I'm not sure i understand how that could happen, though i'd be happy to consider proposals/suggestions.

I suspect this would require at least an extension to the ssh-agent protocol, but i'm not sure where or how that would be done.
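
As an added illustration that is not part of the original report or of OpenSSH's own code: a Python parser for the agent's sign request (message 13: key blob, data, flags), with a best-effort decode of the data as the RFC 4252 publickey-authentication blob. The sample request, the key blob and the user `alice` are constructed, and the function names are hypothetical.

```python
import struct

SSH2_AGENTC_SIGN_REQUEST = 13  # ssh-agent protocol message number
SSH_MSG_USERAUTH_REQUEST = 50  # RFC 4252

def put_string(b):  # SSH 'string': uint32 big-endian length, then the bytes
    return struct.pack(">I", len(b)) + b

def get_string(buf, off):
    """Decode an SSH 'string' at off; return (value, next offset)."""
    n = int.from_bytes(buf[off:off + 4], "big")
    end = off + 4 + n
    if off + 4 > len(buf) or end > len(buf):
        raise ValueError("truncated string")
    return buf[off + 4:end], end

def parse_sign_request(body):
    """Return (key_blob, data, flags): all the agent is told about a request."""
    if not body or body[0] != SSH2_AGENTC_SIGN_REQUEST:
        raise ValueError("not a sign request")
    key_blob, off = get_string(body, 1)
    data, off = get_string(body, off)
    if off + 4 != len(body):
        raise ValueError("bad flags field")
    return key_blob, data, struct.unpack_from(">I", body, off)[0]

def describe_userauth(data):
    """Decode data as an RFC 4252 publickey-auth blob, or return None."""
    try:
        session_id, off = get_string(data, 0)
        if data[off] != SSH_MSG_USERAUTH_REQUEST:
            return None
        user, off = get_string(data, off + 1)
        service, off = get_string(data, off)
        method, off = get_string(data, off)
        if method != b"publickey":
            return None
        return {"session_id": session_id.hex(), "user": user.decode(),
                "service": service.decode()}
    except (ValueError, IndexError):
        return None

# Constructed sample: placeholder key blob, all-zero session id, user "alice".
KEY = b"constructed-key-blob"
SIGNED = (put_string(bytes(32)) + bytes([SSH_MSG_USERAUTH_REQUEST])
          + put_string(b"alice") + put_string(b"ssh-connection")
          + put_string(b"publickey") + b"\x01"
          + put_string(b"ssh-rsa") + put_string(KEY))
SAMPLE = (bytes([SSH2_AGENTC_SIGN_REQUEST]) + put_string(KEY)
          + put_string(SIGNED) + struct.pack(">I", 0))
```

The decode yields a user name and a service name but no destination host, and the session identifier is an opaque exchange hash; data of any other shape returns `None`, so the agent has nothing further to show the user.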