[Nix-dev] PAM SSH agent auth question
Matt Explosion
aldiyen at aldiyen.com
Tue Jan 13 22:52:41 CET 2015
Perhaps it should be made configurable (on a per service basis), with a
more secure/best-practice type default, so it can be overriden as needed?
I would be happy to make the necessary changes and make a pull request if
so
On 1/13/15, 8:26 AM, "Eelco Dolstra" <edolstra at gmail.com> wrote:
>Hi,
>
>On 13/01/15 05:00, aldiyen wrote:
>
>> Anyone know why the NixOS PAM config that gets generated when the
>>sshAgentAuth
>> setting is set to true includes files owned by the user (within that
>>user's home
>> directory)?
>>
>> It seems like this could be rather insecure, given that an attacker who
>>obtained
>> the ability to write files using the current user's permissions could
>>simply
>> write new SSH keys into these authorized keys files and obtain access to
>> whatever services are configured to allow SSH agent-based authentication
>> (including, perhaps, su and/or sudo)
>>
>> Would it make more sense to change this to reference only the
>> /etc/pam/authorized_keys.d/%u path?
>
>I'm inclined to agree, but it's worth noting that the use of user-owned
>authorized key files is sanctioned by the pam_ssh_agent_auth manpage:
>
> http://pamsshagentauth.sourceforge.net/
>
>--
>Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
>_______________________________________________
>nix-dev mailing list
>nix-dev at lists.science.uu.nl
>http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
More information about the nix-dev
mailing list