Date: Fri, 15 Jun 2001 15:05:33 -0400 (EDT) From: <khera@kciLink.com> To: FreeBSD-gnats-submit@freebsd.org Subject: docs/28182: error in security man page Message-ID: <200106151905.f5FJ5X372686@onceler.kciLink.com>
index | next in thread | raw e-mail
>Number: 28182
>Category: docs
>Synopsis: ssh doesn't auto-forward keys
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Jun 15 12:10:03 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: Vivek Khera
>Release: FreeBSD 4.3-STABLE i386
>Organization:
>Environment:
System: FreeBSD onceler.kciLink.com 4.3-STABLE FreeBSD 4.3-STABLE #6: Mon Jun 11 12:39:31 EDT 2001 khera@yertle.kciLink.com:/u/yertle2/usr.obj/amd/onceler/u/onceler1/usr/src/sys/ONCELER i386
>Description:
The security man page says:
Ssh works quite well in every respect except that it forwards encryption
keys by default. What this means is that if you have a secure worksta-
tion holding keys that give you access to the rest of the system, and you
ssh to an unsecure machine, your keys becomes exposed. The actual keys
themselves are not exposed, but ssh installs a forwarding port for the
This is no longer true; ssh on 4.3 systems doesn't do agent/key
forwarding by default any more.
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106151905.f5FJ5X372686>