
The pitfalls of using ssh-agent, or how to use an agent safely

In a previous article we talked about how to use ssh keys and an ssh agent. Unfortunately for you, we promised a follow up to talk about the security implications of using

If you are the impatient kind of reader, here are a few rules of thumb you should

Never ever copy your private keys to a computer somebody else has root on. If you do, you just shared your keys with that person. If you also use that key from that computer (why would you copy it, otherwise?),
I generally go further and only keep my private keys on my personal laptop, and start all ssh sessions from there.

Never ever run an ssh-agent on a computer somebody else has root on. Just as with the keys, I generally don't run ssh-agents anywhere but my laptop. And when I say "has root on", consider that you are both trusting that person to not abuse his privileges, and to do a good job at keeping the system safe,

Only forward your agent connection to machines you trust. As you will see further down in this article, forwarding an agent is equivalent to
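To check the agent-forwarding rule above against a client configuration, this added example (not code from the article) resolves the effective `ForwardAgent` value for a host from an ssh config and lists `Host` patterns that turn forwarding on. The sample config and host names are constructed, and as a simplification `Match` blocks and `Include` files are not evaluated.

```python
import fnmatch
import re

# Constructed sample ~/.ssh/config; the host names are made up for this example.
SAMPLE_CONFIG = """\
Host bastion.example.org
    ForwardAgent yes
Host shared.example.org
    ForwardAgent no
Host *.lab.example.org !build.lab.example.org
    ForwardAgent = yes
Host *
    ForwardAgent yes
"""

def parse_blocks(text):
    """Split a config into (host_patterns, options) pairs, in file order."""
    blocks = [(["*"], {})]  # options before the first Host line apply to every host
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        key, value = parts[0].lower(), parts[1] if len(parts) > 1 else ""
        if key == "host":
            blocks.append((value.split(), {}))
        elif key == "match":
            blocks.append(([], {}))  # simplification: Match blocks are never applied
        else:
            blocks[-1][1].setdefault(key, value)  # ssh keeps the first value it sees
    return blocks

def host_matches(host, patterns):
    # A Host line applies if a positive pattern matches and no "!" pattern does.
    hit = lambda p: fnmatch.fnmatchcase(host, p.lstrip("!"))
    return (any(hit(p) for p in patterns if not p.startswith("!"))
            and not any(hit(p) for p in patterns if p.startswith("!")))

def forward_agent_for(text, host):
    """Effective ForwardAgent value for host; OpenSSH's default is 'no'."""
    for patterns, options in parse_blocks(text):
        if "forwardagent" in options and host_matches(host, patterns):
            return options["forwardagent"]
    return "no"

def wildcard_forwarding(text):
    """Host lines that turn forwarding on for a pattern instead of a named machine."""
    return [pats for pats, opts in parse_blocks(text)
            if opts.get("forwardagent", "no").lower() != "no"
            and any("*" in p or "?" in p for p in pats if not p.startswith("!"))]
```

In the sample, `build.lab.example.org` is excluded from the lab pattern but still gets the agent forwarded, because it falls through to the `Host *` block.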
