|
|
|
|
|
|
by metafunctor
2620 days ago
|
|
|
Hehe, I think I figured out the source of the confusion. I was thinking that the threat is that a compromised B gives access to your keys via agent forwarding. Presumably if you make keys available on B, you need them there. There's nothing ProxyCommand does to help there. But you're talking about using ProxyCommand as an alternative for connecting A->X and then X->B, so keys are not available on X. That's of course an improvement. |
|
|