[chmike]

What is the effect of ForwardAgent ?

[arturhoo]

The host you're connecting to could be able to, force write/destroy your public repos or clone your (and your employer's) private repos given that he knows their paths, eg: github/github. I'd assume that a few companies have a */secrets repo of some sort.

[rmetzler]

Forwarding your keys basically. It's like giving someone you don't know a handshake AND all your keys.

[lcswi]

public keys I hope?!

[ewindisch]

No, it gives the remote server use of your private keys during the lifetime of your connection through connection to your local agent.

Yes, it's really stupid to enable AgentForwarding.

[chmike]

OMG! This was an important and helpful precision. Thank you very much.

[rmetzler]

I worded it the wrong way I guess.

Edit: I don't really know how do say this short and concise, but you should only do this with servers you trust.

* http://rabexc.org/posts/pitfalls-of-ssh-agents

* http://heipei.github.io/2015/02/26/SSH-Agent-Forwarding-cons...