From owner-freebsd-doc  Fri Jun 15 12:10: 9 2001
Delivered-To: freebsd-doc@freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 8796937B408
	for <freebsd-doc@freebsd.org>; Fri, 15 Jun 2001 12:10:03 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.3/8.11.3) id f5FJA3i27239;
	Fri, 15 Jun 2001 12:10:03 -0700 (PDT)
	(envelope-from gnats)
Received: from yertle.kciLink.com (yertle.kcilink.com [216.194.193.105])
	by hub.freebsd.org (Postfix) with ESMTP id C68D637B409
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 15 Jun 2001 12:05:33 -0700 (PDT)
	(envelope-from khera@kciLink.com)
Received: from onceler.kciLink.com (onceler.kciLink.com [216.194.193.106])
	by yertle.kciLink.com (Postfix) with ESMTP id 28ADE2E45F
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 15 Jun 2001 15:05:33 -0400 (EDT)
Received: (from khera@localhost)
	by onceler.kciLink.com (8.11.4/8.11.3) id f5FJ5X372686;
	Fri, 15 Jun 2001 15:05:33 -0400 (EDT)
	(envelope-from khera)
Message-Id: <200106151905.f5FJ5X372686@onceler.kciLink.com>
Date: Fri, 15 Jun 2001 15:05:33 -0400 (EDT)
From: <khera@kciLink.com>
Reply-To: khera@kciLink.com
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.113
Subject: docs/28182: error in security man page
Sender: owner-freebsd-doc@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-doc.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-doc>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-doc>
X-Loop: FreeBSD.org


>Number:         28182
>Category:       docs
>Synopsis:       ssh doesn't auto-forward keys
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jun 15 12:10:03 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Vivek Khera
>Release:        FreeBSD 4.3-STABLE i386
>Organization:
>Environment:
System: FreeBSD onceler.kciLink.com 4.3-STABLE FreeBSD 4.3-STABLE #6: Mon Jun 11 12:39:31 EDT 2001 khera@yertle.kciLink.com:/u/yertle2/usr.obj/amd/onceler/u/onceler1/usr/src/sys/ONCELER i386


	
>Description:
	

The security man page says:

     Ssh works quite well in every respect except that it forwards encryption
     keys by default.  What this means is that if you have a secure worksta-
     tion holding keys that give you access to the rest of the system, and you
     ssh to an unsecure machine, your keys becomes exposed.  The actual keys
     themselves are not exposed, but ssh installs a forwarding port for the

This is no longer true; ssh on 4.3 systems doesn't do agent/key
forwarding by default any more.

>How-To-Repeat:
	
>Fix:

	
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message