One of the things that I really like about ssh-agent is its ability to forward itself to remotes. By sending the agent instead of setting keys on each box, I’m locking down access to a few machines that I know and trust. It’s amazingly convenient and has saved me so much headache.
As I was doing research for a previous post, I kept seeing hints that maybe forwarding the agent isn’t actually a very good idea.
