ssh-agent use in different security domains

Daniel Kahn Gillmor dkg at
Thu Oct 27 07:52:43 EST 2011

On 10/26/2011 03:15 PM, Saku Ytti wrote:
> If there is usage scenario for ForwardAgent, there is usage scenario for
> ForwardAgent in multiple security domains.

I suppose i'm arguing right now that the only legitimate usage scenario
for ForwardAgent is when the user doesn't understand how to use
ProxyCommand for a jumphost.

I'd rather streamline the jumphost case than add extra cruft that might
encourage users to forward their agent.

If someone can propose a legitimate situation where agent forwarding is
needed, i'd like to hear about it.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the openssh-unix-dev mailing list