DeepSec 2021 Talk: SSH spoofing attack on FIDO2 Devices in Combination with Agent Forwarding – Manfred Kaiser
Since OpenSSH 8.2 there is the possibility to secure a private key with a with a FIDO2 token (Nitrokey, Yubikey, …). A key protected by FIDO2 must be manually confirmed each time the key is used and prevents misuse of the key if an SSH agent is compromised.
Although it is known that agent forwarding is a security risk and should not be used, support has been extended with OpenSSH 8.5 (Released: 3.3.2021). Prior to OpenSSH 8.5, it was not possible to forward an SSH agent during file transfers (SCP/SFTP) to another server. This was one of the reasons why AUT-milCERT (BMLV) took a closer look at the SSH protocol. The goal was to find out whether a FIDO2 protected key can provide sufficient protection against misuse in case of a leaked agent.
During the analysis of the protocol, several vulnerabilities were found in the RFCs that could allow an attacker to perform targeted Man-in-the-Middle and spoofing attacks.
Manfred Kaiser works for the BMLV. He is responsible for creating security software.