Deleting SSH key(s) from agent

Peter Lebbing peter at digitalbrains.com
Tue Aug 23 10:36:12 CEST 2016


On 23/08/16 10:20, Karol Babioch wrote:
> How are you guys dealing with multiple SSH keys while making sure the
> correct one is being used?

I don't make sure the correct one is used.

The challenge that is signed with your private key is based on data
provided by both the server and the client. I have never heard of an
attack that allowed a challenge for one SSH server to be used as
authentication to a different SSH server. In other words, I've never
heard of an attack where a rogue SSH server can impersonate you on a
different server when you authenticate to the rogue server.

If I'm mistaken, I'd like to know. But I suspect the system was
correctly designed to thwart such a thing.

So I don't think there is a need to ensure the correct key is used.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list