by neilv 1265 days ago
Before SSH-ing into untrusted hosts, make sure you understand what SSH agent-forwarding and X11-forwarding are.

Also, maybe don't trust the SSH config defaults on whatever host you're on at the moment. You can explicitly set defaults yourself in your `~/.ssh/config` or similar.

2 comments

> ... make sure you understand ... SSH agent-forwarding ...

And how to configure your ssh agent to confirm with you on each use. See `-c` in `ssh-add(1)`, and make sure you're using an agent that supports it (GNOME's Seahorse doesn't, gpg-agent does, macOS's ssh-agent doesn't but can be made to via some AppleScript).

Because my ssh agent confirms each key use, I enable agent forwarding on every ssh connection without fear.

> SSH agent-forwarding and X11-forwarding

Are they enabled by default when running SSH?

No, disabled by default
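
An added example, not part of the thread: a shell function that checks the effective client settings for agent and X11 forwarding by reading the output of `ssh -G <host>`, which prints the configuration OpenSSH would actually use after all config files are merged. The function name, the host name and the two sample outputs are constructed for illustration.

```shell
# Reads `ssh -G <host>` output on stdin (lowercase "keyword value" lines).
# Prints one RISK line per forwarding setting that is on; returns 1 if any.
# ForwardAgent can be yes, no, a socket path or a $VAR name, so every value
# other than "no" is treated as exposing an agent to the remote host.
check_forwarding() {
    awk '
        $1 == "forwardagent" && $2 != "no"       { print "RISK forwardagent=" $2; bad = 1 }
        $1 == "forwardx11" && $2 == "yes"        { x11 = 1 }
        $1 == "forwardx11trusted" && $2 == "yes" { trusted = 1 }
        END {
            # Line order in the dump is not assumed, so X11 is judged at the end.
            if (x11)            { print "RISK forwardx11=yes"; bad = 1 }
            if (x11 && trusted) { print "RISK forwardx11trusted=yes"; bad = 1 }
            exit (bad ? 1 : 0)
        }
    '
}

# Constructed sample: what a host with forwarding off looks like.
SAMPLE_SAFE='hostname build.example.org
user alice
forwardagent no
forwardx11 no
forwardx11trusted no'

# Constructed sample: a system-wide or per-host config turned forwarding on.
SAMPLE_RISKY='hostname build.example.org
user alice
forwardx11trusted yes
forwardagent yes
forwardx11 yes'

# Real use, on the machine you are about to connect from:
#   ssh -G build.example.org | check_forwarding
#
# To pin the defaults yourself, end ~/.ssh/config with:
#   Host *
#       ForwardAgent no
#       ForwardX11 no
# ssh_config uses the first value obtained for each keyword, so this block
# goes last and any per-host exception goes above it.
```
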