Secure ssh-agent usageFeeding the Cloud
<a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike 4.0 International License</a>
https://feeding.cloud.geek.nz/posts/secure-ssh-agent-usage/Feeding the Cloudikiwiki2019-04-13T20:13:17Zcomment 1https://feeding.cloud.geek.nz/posts/secure-ssh-agent-usage/comment_1_a169f55fa99dd3d9832d21102ebba053/db48x2019-04-13T20:13:17Z2019-04-13T15:41:02Z
<p>The <code>-c</code> option is a great recommendation, but I've been trying out <a href="https://github.com/StanfordSNR/guardian-agent">https://github.com/StanfordSNR/guardian-agent</a> and I like it even better; it gives you much more information about what is happening: which computer is asking for permission, which key they want to use, what server they're going to connect to, and what command they want to run using it. You can make a much more informed decision, and you can save those decisions so that you only have to decide for novel situations.</p>
<p>Also, the <code>ProxyJump</code> command is much nicer than ProxyCommand, but also newer. It's easier to use and harder to misuse.</p>