search

visionmedia / deploy

Minimalistic deployment shell script
1.15k stars 137 forks source link

security implications using ssh -A #30

Open klingenm opened 9 years ago

klingenm commented 9 years ago

You might want to add to the documentation which security implications there are when forwarding the ssh-agent session to a server.

TomOne commented 9 years ago

:+1: for this. Have a look at https://heipei.github.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/

But wouldn’t it be better to use ProxyCommand als explained in the article to avoid these security implications in the first place?