[PATCH] dropbear: add config options for agent-forwarding support

Hauke Mehrtens hauke at hauke-m.de
Sat Jul 24 11:08:29 PDT 2021


On 7/16/21 12:44 AM, Sven Roederer wrote:
> * SSH agent forwarding might cause security issues, locally and on the jump
>    machine (https://defn.io/2019/04/12/ssh-forwarding/). So allow to
>    completely disabling it.
> * separate options for client and server
> * keep it enabled by default
> 

How much bigger will the dropbear binary get with these options?

Will dropbear always activate agent forwarding for the client connection?

I think it is no security problem when the server always uses agent 
forwarding, but when the client forwards the agent to every host it 
could get a problem.

> Signed-of-by: Sven Roederer <devel-sven at geroedel.de>
> ---
>   package/network/services/dropbear/Config.in | 9 +++++++++
>   package/network/services/dropbear/Makefile  | 5 ++++-
>   2 files changed, 13 insertions(+), 1 deletion(-)
> 



More information about the openwrt-devel mailing list