add keys and certificate to forwarded agent on remote host

[Damien Miller]

On Tue, 18 Sep 2018, Tim Jones wrote:

> Apologies if I'm teaching granny to suck eggs here, or my
> understanding of SSH is all wrong. But surely SSH certificates were
> only ever intended to be for authentication, not for authorization ?

certificates contain several built-in authorisation features (extensions
and critical options) and the supporting configuration options
AuthorizedPrincipalsFile and AuthorizedPrincipalsCommand are often
used to implement authorisation schemes.