Is there any solution, or even work on, limiting which keys gets forwarded where?

Daniel Kahn Gillmor dkg at
Wed Oct 21 00:33:46 AEDT 2015

On Tue 2015-10-20 03:08:11 -0400, hubert depesz lubaczewski wrote:
> If I run tmux locally, and my network connection dies, then I lose what
> I was doing on remote host.
> Tmux is there to protect me from losing work (let's say, in the middle
> of datbase upgrade) due to network issues).

if you want that kind of protection, run tmux (or GNU screen) on the
remote host itself.  that will protect you from outages on the jumphost
as well.

> I'm concerned about safety (someone having access to my agent socket,
> shouldn't really have access to all my keys), and convenience (not
> having to retype the password every time).

a local ssh agent, not forwarded, with a controlMaster socket for the
jumphost, and your keys loaded with confirmation prompt seems like the
solution that would solve the most problems:

Host jumphost.example
 ControlMaster autoask
 ControlPath ~/.ssh/masters/%r@%h:%p
 ProxyCommand none

Host *.example
 ProxyCommand ssh -W %h:%p jumphost.example

Before connecting, ensure that ssh-agent is running and do:

 ssh-add -c /path/to/my/key

You'll have to type your password exactly once.

When you get a prompt for the use of your key, or a prompt to use the
control master, you can just hit "OK" or type "yes".

if your workflow is just to connect to one remote machine from your
local computer, do:

 ssh -t foo.example tmux

If your workflow is to connect to multiple machines, start with:

 ssh jumphost.example

and leave that session open while you do the rest of your work from your
local computer.:

 ssh -t foo.example tmux
 ssh -t bar.example tmux



More information about the openssh-unix-dev mailing list