SSH agent forwarding (ForwardAgent) is dangerous and a large attack vector: while the session is open, every host you forward to can use your keys.
Here’s what man ssh_config(5) has to say about ForwardAgent:
Agent forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host can access the local agent through the forwarded connection.
An attacker cannot obtain key material from the agent, however they can perform operations on the keys that enable them to authenticate using the identities loaded into the agent.
The mitigation is to confirm by hand each time a key is used: keys are loaded with ssh-add -c, and ssh-agent then runs the SSH_ASKPASS program before every signature it makes with such a key. For this we use a simple Allow/Deny dialog which can be confirmed with the return key, so there is no big loss of comfort.
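To make the man page's point concrete, here is an added example (not part of the original post) of a minimal ssh-agent protocol client in Python, following draft-miller-ssh-agent, the protocol OpenSSH's ssh-agent speaks. It is exactly what anyone who can open the forwarded SSH_AUTH_SOCK on the remote host can do: the identities answer carries only public key blobs and comments, so key material never leaves your machine, but a sign request is answered with a valid signature over client-chosen data. That sign request is the message the askpass dialog guards for keys added with ssh-add -c. The sample answer bytes, the key comment alice@laptop and the placeholder public key bytes are constructed for the example.

```python
import os
import socket
import struct

# Message numbers from draft-miller-ssh-agent
SSH_AGENT_FAILURE = 5
SSH_AGENTC_REQUEST_IDENTITIES = 11
SSH_AGENT_IDENTITIES_ANSWER = 12
SSH_AGENTC_SIGN_REQUEST = 13
SSH_AGENT_SIGN_RESPONSE = 14


def ssh_string(b: bytes) -> bytes:
    """SSH 'string' wire type: uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(b)) + b


def read_ssh_string(buf: bytes, off: int) -> tuple:
    """Decode an SSH 'string' at offset off; returns (bytes, new_offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated string in agent message")
    return buf[off:off + n], off + n


def frame(msg_type: int, body: bytes = b"") -> bytes:
    """Agent framing: uint32 length of (type byte + body), then type byte, then body."""
    return struct.pack(">IB", len(body) + 1, msg_type) + body


def parse_frame(raw: bytes) -> tuple:
    """Split one framed agent message into (type, body)."""
    (n,) = struct.unpack_from(">I", raw, 0)
    if n < 1 or len(raw) < 4 + n:
        raise ValueError("truncated agent message")
    return raw[4], raw[5:4 + n]


def request_identities() -> bytes:
    """SSH_AGENTC_REQUEST_IDENTITIES has an empty body."""
    return frame(SSH_AGENTC_REQUEST_IDENTITIES)


def parse_identities_answer(msg_type: int, body: bytes) -> list:
    """Return [(key_type, public_key_blob, comment), ...] from an IDENTITIES_ANSWER.
    Only public halves are present: the agent never serialises private key material."""
    if msg_type != SSH_AGENT_IDENTITIES_ANSWER:
        raise ValueError("unexpected agent reply type %d" % msg_type)
    (nkeys,) = struct.unpack_from(">I", body, 0)
    off, keys = 4, []
    for _ in range(nkeys):
        blob, off = read_ssh_string(body, off)
        comment, off = read_ssh_string(body, off)
        key_type, _ = read_ssh_string(blob, 0)  # every public key blob starts with its type name
        keys.append((key_type.decode(), blob, comment.decode(errors="replace")))
    return keys


def sign_request(public_key_blob: bytes, data: bytes, flags: int = 0) -> bytes:
    """SSH_AGENTC_SIGN_REQUEST: the agent signs client-chosen `data` with the key
    identified by its public blob. For keys added with `ssh-add -c` this is the
    request that makes ssh-agent run SSH_ASKPASS before answering."""
    return frame(SSH_AGENTC_SIGN_REQUEST,
                 ssh_string(public_key_blob) + ssh_string(data) + struct.pack(">I", flags))


def _recv_exact(sock, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("agent closed the socket")
        buf += chunk
    return buf


def agent_roundtrip(sock_path: str, request: bytes) -> tuple:
    """Send one framed request over the agent's Unix socket and return (type, body)."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.connect(sock_path)
        s.sendall(request)
        hdr = _recv_exact(s, 4)
        (n,) = struct.unpack(">I", hdr)
        return parse_frame(hdr + _recv_exact(s, n))


# Constructed sample reply (not captured from a real agent): one ed25519 identity
# whose 32 public-key bytes are a placeholder pattern.
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
SAMPLE_ANSWER = frame(SSH_AGENT_IDENTITIES_ANSWER,
                      struct.pack(">I", 1) + ssh_string(SAMPLE_BLOB) + ssh_string(b"alice@laptop"))


if __name__ == "__main__":
    # Against a live agent (local or forwarded): list identities, then ask for a signature.
    path = os.environ["SSH_AUTH_SOCK"]
    keys = parse_identities_answer(*agent_roundtrip(path, request_identities()))
    for key_type, blob, comment in keys:
        print(key_type, comment, "blob %d bytes" % len(blob))
    if keys:
        t, body = agent_roundtrip(path, sign_request(keys[0][1], b"data chosen by the client"))
        print("signed" if t == SSH_AGENT_SIGN_RESPONSE else "refused (SSH_AGENT_FAILURE)")
```

Run it with SSH_AUTH_SOCK pointing at a forwarded socket on a remote host and it lists your identities and obtains a signature; with the key loaded via ssh-add -c and the dialog answered with Deny, the agent replies SSH_AGENT_FAILURE instead of a signature.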
- With this setup ssh-agent will ask for confirmation every time an ssh key is requested.
- This solution refers to macOS, since macOS does not include ssh-askpass by default.
- For this to work SSH keys must be loaded with ssh-add -c, and the askpass script must be executable (chmod +x).
$ cat .zshrc | grep askpass -A14
# askpass
# ssh-agent only runs SSH_ASKPASS when DISPLAY is set, and it reads both from
# its own environment, so export them before the agent is started below.
export DISPLAY=":0"
export SSH_ASKPASS="$HOME/bin/ssh-askpass"
export SSH_AUTH_SOCK="$HOME/.ssh/ssh-agent.sock"
# ssh-add -l exits 2 only when no agent answers on $SSH_AUTH_SOCK; exit 1 just
# means the running agent has no keys loaded, so only restart on 2 to avoid
# killing a live agent every time a new shell opens with an empty keyring.
ssh-add -l >/dev/null 2>&1
if [ $? -eq 2 ]; then
    killall ssh-agent 2>/dev/null
    rm -f "$SSH_AUTH_SOCK"
    ssh-agent -a "$SSH_AUTH_SOCK" >/dev/null
fi
$ cat $HOME/bin/ssh-askpass
#!/bin/bash
# SSH_ASKPASS for macOS: ssh-agent runs this for every use of a key added with
# `ssh-add -c` and passes the prompt text as arguments.
# Exit 0 = allow the signature, anything else = deny.

# Marker for "Allow for 1min". Kept in the per-user $TMPDIR rather than the
# world-writable /tmp so another local user cannot plant it.
ALLOW_FILE="${TMPDIR:-/tmp}/disable-askpass"
ALLOW_SECONDS=60

if [ -e "$ALLOW_FILE" ]; then
    TIME_MODIFIED=$(stat -f %m "$ALLOW_FILE")   # BSD/macOS stat: mtime in epoch seconds
    TIME_NOW=$(date +%s)
    if [ $((TIME_MODIFIED + ALLOW_SECONDS)) -ge "$TIME_NOW" ]; then
        exit 0
    fi
    rm -f "$ALLOW_FILE"                          # window expired, drop the stale marker
fi

# The prompt (key path and fingerprint) is passed as an argument to the script
# instead of being spliced into the AppleScript source, so quotes in a key
# comment cannot break or alter the script.
result=$(osascript \
    -e 'on run argv' \
    -e 'tell application "Terminal"' \
    -e 'display dialog (item 1 of argv) buttons {"Deny", "Allow for 1min", "Allow"} default button 3 with title "SSH Agent" with icon caution' \
    -e 'end tell' \
    -e 'end run' "$*")

case "$result" in
    "button returned:Allow for 1min")
        touch "$ALLOW_FILE"
        exit 0 ;;
    "button returned:Allow")
        exit 0 ;;
esac
exit 1
source: https://serverfault.com/a/238500