[mosh-devel] Secure agent forwarding with Mosh

Daniel Roethlisberger daniel at roe.ch
Thu Nov 9 09:43:51 EST 2017 

Keith Winstein <keithw at cs.stanford.edu> 2017-11-08:
> We developed a (prototype) tool that does secure agent forwarding and works
> with Mosh. Would be grateful for testing and feedback:
> https://github.com/StanfordSNR/guardian-agent
> 
> Compared with traditional ssh-agent forwarding, this tool provides
> more-constrained agent forwarding that we think could safely be enabled on
> any connection. It works alongside any version of Mosh or SSH. Users run
> sga-guard (the agent) on their local machine, in a separate window
> alongside the interactive session. sga-guard prompts the user to approve
> forwarded ssh requests from the intermediary host, either with an X11 popup
> or in that second terminal window. Unlike with ssh-agent forwarding, the
> agent can enforce limits on which intermediary host can run which command
> on which servers.
> 
> Based on feedback to this beta/prototype, maybe we can agree on a good way
> to incorporate these techniques more deeply into Mosh. (Even if it's just a
> mosh -A flag that sets this up automatically instead of needing a second
> terminal window.)

This is an interesting project.  However, note that all I'm
looking for is for mosh to support a -A workalike of ssh -A.  If
it's not a drop-in replacement for ssh -A for typical use cases,
or can be configured that way easily, then it's not the solution
to my problem.

Specifically, I am not interested in manually approving agent
requests.  The ratio of hassle to mitigated risk is unreasonable
in my opinion.  It addresses a narrow category of attacks while
not helping against other attacks with similar prerequisites and
risk (e.g. injecting commands into TTYs of SSH sessions from the
compromised system, or replacing a legit auth challenge on the
compromised server as it is being handed to the client machine's
agent where it will be approved by the user).  So unless the
confirmations can be easily removed by configuration or patching,
I won't be overly excited about this.

Contrary to your README document, I don't believe the risks of
agent forwarding through a compromised system are
underappreciated.  Rather, they are being conciously accepted,
especially as they are not going away even with manual approvals.

As a minor nitpick, I would prefer a solution that actually uses
the same protocol and hence does not need additional network and
firewall considerations on top of mosh.

-Daniel

-- 
Daniel Roethlisberger
http://daniel.roe.ch/

More information about the mosh-devel mailing list