ssh-copy-id
Jilles Tjoelker
jilles at stack.nl
Fri Feb 28 23:42:18 UTC 2014
On Fri, Feb 28, 2014 at 06:08:10PM -0500, Eitan Adler wrote:
> On 28 February 2014 17:15, Mark Felder <feld at freebsd.org> wrote:
> ....
> > In my opinion, if I'm using an ssh utility and I specify "-i" flag it
> > should be the private key.
> Hey all,
> Sorry about the confusion ssh-copy-id has caused you.
> Does the following patch help ?
In addition to that, it may be useful to add an explicit check against
sending private keys. Even though printf(1) fails, the receiving server
still gets the private key and a malicious root user might steal it.
For example, any key starting with '-' is inappropriate.
--
Jilles Tjoelker
More information about the freebsd-stable
mailing list