mjg59, (edited ) I'm sure this is general knowledge but anyway: never enable SSH agent forwarding by default if you log into any systems that you don't trust 100%. It gives whoever has root on that system the ability to log into anything else your SSH agent can connect to. Either explicitly pass -A or add host entries to ~/.ssh/ssh_config to enable it for the scenarios you need it.
Add comment