ssh-agent use in different security domains
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Oct 27 07:52:43 EST 2011
On 10/26/2011 03:15 PM, Saku Ytti wrote:
> If there is usage scenario for ForwardAgent, there is usage scenario for
> ForwardAgent in multiple security domains.
I suppose i'm arguing right now that the only legitimate usage scenario
for ForwardAgent is when the user doesn't understand how to use
ProxyCommand for a jumphost.
I'd rather streamline the jumphost case than add extra cruft that might
encourage users to forward their agent.
If someone can propose a legitimate situation where agent forwarding is
needed, i'd like to hear about it.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20111026/a4b39db0/attachment.bin>
More information about the openssh-unix-dev
mailing list