On Monday 2009 January 05 16:31:35 Richard Hector wrote: > Or can you just forward your existing agent when you connect (ssh -A), > then run ssh-add on the remote machine (the one with the private key on > it)? Don't do this unless you trust root on the *remote* machine. While the forwarding is in effect and the identity is unlocked, *remote* root can connect to the forwarded agent socket and, while they cannot read your key directly, they can authenticate as you. I never forward my agent, to be safe. -- Boyd Stephen Smith Jr. ,= ,-_-. =. bss@iguanasuicide.net ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.net/ \_/
Attachment:
signature.asc
Description: This is a digitally signed message part.