version 1.284, 2009/10/08 20:42:12 |
version 1.285, 2009/10/22 12:35:53 |
|
|
.Pp |
.Pp |
Agent forwarding should be enabled with caution. |
Agent forwarding should be enabled with caution. |
Users with the ability to bypass file permissions on the remote host |
Users with the ability to bypass file permissions on the remote host |
(for the agent's Unix-domain socket) |
(for the agent's |
can access the local agent through the forwarded connection. |
.Ux |
|
domain socket) can access the local agent through the forwarded connection. |
An attacker cannot obtain key material from the agent, |
An attacker cannot obtain key material from the agent, |
however they can perform operations on the keys that enable them to |
however they can perform operations on the keys that enable them to |
authenticate using the identities loaded into the agent. |
authenticate using the identities loaded into the agent. |