How to check SSH-agent forwarding

tavi0906 — Fri, 26 Jul 2024 12:47:12 GMT

CVE-2023-38408

Not vulnerable - This CVE relates to forwarding the SSH-agent to an attacker's controlled system. We do not use SSH-agent forwarding in Gaia OS.
Note: You may configure SSH-agent forwarding manually, though this may be vulnerable. We will release a fix once it is available from Redhat. In the meantime, customers that manually configured SSH-agent forwarding should review their configuration and make sure it is only forwarded to safe locations.

How to check whether SSH-agent forwarding is configured or not?

Re: How to check SSH-agent forwarding

Bob_Zimmerman — Fri, 26 Jul 2024 14:12:28 GMT

That's only relevant when using the system as an SSH client. Check the client config files. Agent forwarding is disabled by default, so if it isn't explicitly enabled in a client config file, it's not enabled. By default, the relevant files are:

/etc/ssh/ssh_config

~/.ssh/config

topic Re: How to check SSH-agent forwarding in Firewall and Security Management

How to check SSH-agent forwarding

Re: How to check SSH-agent forwarding