SSH Agent Forwarding #120
Comments
|
👍 I can't use mosh for this very reason. I need to be able to connect to other machines in the environment I'm accessing plus use my ssh key to push/pull code from github. |
|
This requires tunnelling the agent request from the server back to the client. |
|
I'd be interested in this feature, too. |
|
If #41 ends up being resolved be adding tunnels for arbitrary octet streams, agent forwarding should be trivial to add on top of that. |
|
+1 for being able to ForwardAgent. In our case also critical for getting code to/from GitHub on remote servers. |
|
+1 I need the agent for sudo authentication. |
|
+1 mostly for github |
|
+1 also! |
|
👍 .. this would be very useful |
|
+1 |
1 similar comment
|
+1 |
|
Hard to resist the urge to say nothing but '+1' to @Mkaysi's comment... |
|
All right, folks, the message has been heard loud and clear! We will put this on the roadmap for a release, probably the one immediately after 1.2. No need to keep +1ing - we will do it. |
|
Any word on if this is still planned for 1.2 or near/after 1.3? |
|
+1 from me. I naively thought that this was implemented and after building mosh at the server systems and running it, realized that this is not quite ready yet. Any updates on the timeline? |
|
+1 for me as well, this is a blocking issue for me, as I do remote development, using local keys to communicate with upstream SCM repositories. |
|
+1 mostly for being able to work with github when doing remote development from EC2 machines. |
|
Sorry for spamming everyone, GitHub doesn't appear to have a feature to get notifications of changes on an issue without +1'ing it. So +1 for me too. |
|
@tsuna see at the bottom of any issue page |
|
+1 for agent forwarding |
|
Came to report another issue, saw this. Key forwarding is absolutely required to my workflow and I am seriously concerned about the way the mosh devs handle ssh keys if it wasn't baked in from the beginning. |
|
Mosh works fine with SSH keys (or any SSH login method), since we just use SSH itself to handle authentication. We don't allow the user to forward ssh-agent requests because, frankly, nobody has contributed the code and we haven't gotten around to it. But in general, ssh-agent forwarding is inappropriate for high-security environments. There is little to stop a compromised remote host from requesting your credentials to do 'rm -rf /' (or modify authorized_keys) on a bunch of remote hosts. The user doesn't find out what the remote host wants to do with your credentials; the ssh-agent protocol just lets a process use your key to sign any request. If you forward ssh-agent, then it lets a remote host use your key to sign any request. It's almost the same security characteristics as just copying your credentials to the remote host in the first place -- but not quite, since the remote host loses access to your credentials after you log out (unless it uses them in the meantime to insert its evil key in your authorized_hosts file elsewhere). I am surprised by all the people saying we need this because they are security freaks. You don't forward ssh-agent if you are a security freak. ssh-agent forwarding is a convenience feature that should not be on by default and should only be used when connecting to semi-trusted hosts. @apeiron, no need for concern. A process that does ssh-agent forwarding just takes bytes from the remote host and ferries them to the local host's ssh-agent and similarly for the reply. It doesn't touch secret data. All it does is make remote requests to the ssh-agent look like they are coming from the local host. For the reasons above, that's a risky thing to allow, but actually making it happen is easy. |
|
@keithw ssh-agent has confirmation feature that can protect you from that scenario when remote host does 'rm -rf /' on other remotes. ssh agent forwarding is really good for accessing git repository from development and testing servers. Also it is good for proxying ssh connections through other hosts when there is no direct connection. |
|
Tell me more about this confirmation feature. My understanding is that there is no way for the agent (and therefore the local user) to learn what command the remote host intends on executing once it is able to authenticate. All the protocol allows is for ferrying public-key challenges and the associated responses. |
|
Yes, you can not controll what command is executed. But you can control
|
|
I don't think that's right. The ssh-agent only learns which identity (key pair) the requesting process is trying to use. It doesn't learn which host the request came from (remember, forwarding makes the request appear to be coming from the local machine) and it doesn't learn which remote server that process is trying to connect to, or what command the process is trying to execute on the remote server. Happy to be corrected though if my understanding is off. |
|
Yes, it seems that you are right. So the better way to improve ssh-agent security is using different keys for different groups of servers. Anyway, that is generic weakness of single sing on systems. SSH has agent forwarding feature and it will be nice to have it in mosh. |
|
I think for most people waiting on this issue, this isn't as much about conveniency as it is about security. |
|
There already is a fork that loosely follows the master branch of upstream mosh + agent patch. I won't commit myself to maintain it for the rest of my life though. |
|
@rinne Yes, this is about motivating upstream to take this seriously. There's actually two bounties now. A smaller one for this pull request in particular, and a larger for the original feature request. |
|
Just discovered Mosh today. Was excited to try it out. Discovered that Agent Forwarding didn't work. Connected to my server, and everything was great. Then I tried to git clone and realized there was no agent forwarding. Without that feature Mosh is completely useless to me. Saw that this issue is from 2012. That is very disappointing. Guess it's back to trusty old SSH for me. |
|
If we have a working patch, what exactly is preventing the merge?
What is blocking this so we can be clear about resolving it or working around it? |
|
@HaleTom Lack of interest from the upstream developers' side. |
|
Please see mailing list discussion on this (https://www.mail-archive.com/mosh-devel@mit.edu/msg00980.html). Excerpt:
There is some good news: we think we've figured out a way to do secure ssh-agent forwarding (something that could be enabled all the time, for any server, without the stern warning that accompanies |
Would you mind sharing? |
|
I read the mailing list discussion on this and would appreciate anyone subscribed to that list posting here when the following tool is made available:
|
|
Hmm, is there any work-around for this issue until @keithw 's good news gets implemented (fingers crossed). |
In the dawn of time when there was a standardisation effort for ssh protocol, there was also some new proposals for agent protocol. However, the protocol has remained much the same and there is no real standard for that. The pretty obvious extension that would allow policy based decisions in agent, would be a "forward notification" packet that all clients would add to the forwarded agent connection (towards the agent) and include the information of the endpoint where that particular client is connected. That would mean that agent receiving an agent connection would get 0..n forward notification packets before anything else and could reconstruct the forwarding path before deciding whether to allow signatures and which keys or certificates to show etc. Basically the user could then limit the agent forwarding to the systems he trusts. And the first level of forward notifications, would only need support in the client the user is using first. Server support is never needed. Anyways, this is not mosh specific. |
|
Hi folks, Here is our prototype for secure agent forwarding that works with Mosh (or SSH): Guardian Agent. Compared with traditional This approach also does not require changes to the underlying Mosh protocol to carry ssh-agent request data within the interactive terminal, and we don't have to commit to (and support) a protocol for carrying reliable agent traffic between mosh-clients and mosh-servers. Right now, Guardian Agent works alongside any version of Mosh or SSH. Users run There is a more detailed writeup in the README. Please let us know what you think, both about the usability of the tool or about the underlying mechanism. Please file any issues with the tool as GitHub issues in the Guardian Agent repository. We're looking forward to everybody's feedback. |
|
+1 I can see the SSH agent forwarding is a very nice feature, I would be happy to see that feature supported by mosh. Description of the agent protocol can be found
|
|
@sbz Something like that is not going to work -- Mosh only uses SSH to authenticate and remotely invoke the If you want ssh-agent forwarding, use Guardian Agent! It works (and the design is more secure than normal ssh-agent forwarding, keeping in mind that Guardian Agent is beta software and needs the experience of people trying to break it and criticize the design). |
|
I am very skeptic about a new agent implementation that requires a script wrapper around ssh is going to see any wide audience adoption. And an agent is already integrated to default sessions in most Linux distros and MacOS. |
|
@keithw Ok thank for your reply and clarification. I will try Guardian Agent! @rinne I will checkout your branch, looks like the good commit to watch is rinne/mosh@dfa183d |
|
@keithw appreciate all the work you and your team put into mosh and Guardian Agent. I think it's great that there's a more secure option for agent forwarding. However, I agree with @rinne that wide adoption is rather unlikely, at least in the short term. Now that there's a supposedly better solution for agent forwarding, I think mosh should also add support for the builtin agent forwarding, and let the users decide which one they want to use. I think it's detrimental to mosh to not merge #696. Clearly there is a lot of interest and support for that feature. Let the users decide which alternatives they prefer. |
|
I would like this feature, too, but a <30 second workaround for connecting to a remote server and then accessing github is to just generate a new ssh key and add it to github, e.g., |
|
From the README:
IMO, this is a pretty strong signal that we should not use Guardian Agent for security-conscious environments, which are precisely the ones where we'd prefer agent forwarding over simply storing a key on the remote host. I appreciate the desire to avoid the issues associated with agent forwarding, but until Guardian Agent is considered stable and secure, I don't think it's a viable alternative. |
|
:-) We had a pretty similar disclaimer for the first few years of Mosh, and the results speak for themselves. There's no point in boasting about security before we have a track record. But I think the idea is that if you all try Guardian Agent and the feedback is good, we'll integrate it more tightly into Mosh. That sort of solves the problem of adoption. |
|
In general, I know it's frustrating to have a PR sitting around and not get merged, but it's not just a question of the implementation -- we really don't want to complicate the protocol in a way that we then have to support forever going forward (especially by bolting it into the object that gets synchronized by SSP, which is unfortunately a bit of a kludge -- not Timo's fault, it's just that SSP is not very good at this use case). If you look at where the security holes come from in OpenSSH and OpenSSL, it's largely from added complexity that wasn't really necessary. Mosh has never had a significant security hole (yet -- knock on wood) and I don't think that's entirely luck -- it also comes from saying no to things that add complexity to the protocol in a way that makes it harder to reason about. |
|
@keithw, just please mark the protobuf message numbers used in agent forwarding patch as reserved in upstream master, so they are not accidentally recycled later. Apart from that, I'm pretty much beyond caring. |
|
Sounds pretty reasonable -- you want Mosh to keep tag 8 (your |
|
@keithw "Sounds pretty reasonable -- you want Mosh to keep tag 8 (your oob) reserved in TransportBuffers::Instruction?" Yes, please. As far as I understand, that should be enough to never break interoperability with agent enabled client vs non-enabled server and vice versa. |
|
+1 add agent forwarding |
|
This discussion is a bit ridiculous. mosh is either a supposed SSH replacement intended for use instead of SSH everywhere possible (in which case it will need to support all the silly stuff as well) or it is just a wrapper that makes roaming easier for few hosts (in which case you might argue improving security is a thing). |
|
Hi folks -- I'm going to lock the conversation here because it doesn't seem to be productive anymore. We are not making the protocol changes proposed in Timo Rinne's pull request, for the reasons we've explained earlier here: we really don't want to complicate the protocol in a way that we then have to support forever going forward (especially by bolting it into the object that gets synchronized by SSP, which is unfortunately a bit of a kludge -- not Timo's fault, it's just that SSP is not very good at this use case). If you look at where the security holes come from in OpenSSH and OpenSSL, it's largely from added complexity that wasn't really necessary. Mosh has never had a significant security hole (yet -- knock on wood) and I don't think that's entirely luck -- it also comes from saying no to things that add complexity to the protocol in a way that makes it harder to reason about. If you want ssh-agent forwarding with Mosh, please use Guardian Agent and provide feedback if you have it: https://github.com/StanfordSNR/guardian-agent It works and I use it every day! If feedback is good, we may consider integrating Guardian Agent more closely into a future version of Mosh. It's true that Guardian Agent is newer and less-tested software, but, so was Mosh when it was younger. The only way it will be more-tested is if more people use it. And, we think it is a lot more secure than "uncontrolled" ssh-agent forwarding. |
and others
Would be great to be able to forward local SSH agents. Seems to ignore
ForwardAgent yesin~/.ssh/configThe text was updated successfully, but these errors were encountered: