On giu 17 2025, at 12:58 am, Damien Miller <djm@xxxxxxxxxxx> wrote: > On Mon, 16 Jun 2025, Marco Trevisan wrote: > >> In the short run I feel one thing we may do is to make ssh-agent to only >> use fprintd (it needs to go through fprintd DBus APIs, PAM or >> `fprintd-verify`) every time the agent requires to provide the key, so >> to enforce the security, but not to make it unlock the secret when you >> use `ssh-add`. > > Note that, even if you do the above, the protection the fingerprint > provides to your private key material is only as strong as your OS' > security. If an attacker is able to elevate privilege then they > could steal the key material from the agent without your fingerprint. Isn't this true for any kind of privilege escalation when the agent is in place? _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
