Is there any solution, or even work on, limiting which keys gets forwarded where?

[Peter Stuge]

hubert depesz lubaczewski wrote:
> > Another approach, if you find you must forward your agent, is to load
> > all keys in your agent with confirmation prompt required (ssh-add -c)
> > so that your local machine is still in control of when the different
> > keys get used.
> 
> Yeah, but that will (from what I understand from man) re-ask for my
> password, which is highly impractical given the above passphrase
> situation.

You should try it out. No, the agent on your client only asks for
confirmation to use the key (enter=yes, type anything+enter=no)
not for the passphrase.


//Peter