Ivan Kolmychek's blog


Securing ssh-agent forwarding from hijacking

14 Sep 2014

I use ssh-agent forwarding a lot, because it is a very convenient and simple way to use my ssh keys securely on remote hosts or inside Vagrant development boxes. It frees me from creating a bunch of keys, at least one for every host I use.

But forwarding is not secure by default: whoever has root access to the host you forward your agent to can hijack the agent socket. The forwarded socket lives in the remote host's /tmp and is only accessible to your user, but root is not bound by that. For as long as your session is open, root can point SSH_AUTH_SOCK at your socket and sign with your keys, without ever seeing the private key material itself.
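Here is an added example, not from the original post, of the check a practitioner wants on the remote side: enumerate the agent sockets present on a host and list the keys each one exposes. Run it as root on a host you administer to see exactly what a forwarded agent gives away; run it as yourself to audit your own forwarded socket. It assumes the default OpenSSH socket layout (/tmp/ssh-XXXXXXXXXX/agent.<pid>), and it uses only ssh-add, find and ls.

```shell
#!/bin/sh
# Added example (not from the original post): audit which ssh-agent sockets are
# reachable on this host and which keys each of them exposes.
# Assumption: the default OpenSSH socket layout /tmp/ssh-XXXXXXXXXX/agent.<pid>.

# Print every agent socket below a directory (default /tmp). Only real sockets
# (-type s) count; a stray regular file with the same name is ignored.
find_agent_sockets() {
    base="${1:-/tmp}"
    find "$base" -type s -path '*/ssh-*/agent.*' 2>/dev/null
}

# List the keys one socket exposes. Note that ssh-add -l works even for keys
# added with -c: confirmation guards signing, not listing.
list_keys_via() {
    sock="$1"
    SSH_AUTH_SOCK="$sock" ssh-add -l
}

# Walk all sockets under $1 and report owner and exposed keys for each.
# Returns 0 and prints a count line, so it can be run from cron or a check script.
audit_agents() {
    base="${1:-/tmp}"
    count=0
    for sock in $(find_agent_sockets "$base"); do
        count=$((count + 1))
        owner=$(ls -ld "$sock" | awk '{print $3}')
        echo "== $sock (owner: $owner)"
        list_keys_via "$sock" || echo "   (no keys, or agent not answering)"
    done
    echo "sockets found: $count"
    return 0
}

# Usage: ./audit-agents.sh --audit [/tmp]
case "${1:-}" in
    --audit) audit_agents "${2:-/tmp}" ;;
esac
```

Run as root, this is the hijacker's view: every socket whose owner is another user is a set of keys that user's session currently lends to this host. Seeing your own key listed here from a host you did not expect to forward to is a sign that ForwardAgent is enabled more widely than you intended.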

Happily, there is no need to give up such a useful tool: that is what the -c option (for "confirm") of ssh-add is for.

Just add your key with that parameter: ssh-add -c ~/.ssh/my_cool_key.id_rsa. From then on a confirmation dialog pops up for every signing operation with the added key. The dialog shows the key's comment and fingerprint, so you can tell which key is being asked for; it does not show who is asking, so if a dialog appears while you are not doing anything that needs the key, decline it.

The program used for the confirmation dialog is usually the same one used for passphrase prompts (ssh-askpass), but here no passphrase is needed: just click OK to allow the operation or Cancel to decline it. Note that it is the agent, not ssh-add or ssh, that launches ssh-askpass, so the agent must have been started with DISPLAY set (and SSH_ASKPASS, if you use a non-default helper); otherwise every request for a confirmed key is denied.

If you decline, ssh-agent refuses the operation and the client fails:

ivanko@victoria ~/src/ivan-kolmychek.github.io (ruby-2.1.2@jekyll) $ git pull
Agent admitted failure to sign using the key.
Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
ivanko@victoria ~/src/ivan-kolmychek.github.io (ruby-2.1.2@jekyll) $

For further details, see ssh-add(1) and ssh-agent(1). Keep in mind what -c does and does not cover: it only guards signing, so anyone who can reach the socket can still list the public keys with ssh-add -l, and the dialog does not tell you which host or command triggered it. It pairs well with -t to limit how long the key stays loaded, and with forwarding the agent only to the hosts that need it (ForwardAgent per host in ~/.ssh/config rather than globally).

Be safe out there. ;)

P.S. It is convenient to enforce this behaviour by default. Here is my question on SuperUser about good ways to do so, besides adding a bash alias. If you know any, please spare a few minutes to suggest it.

For those still interested in aliases, you can add

alias ssh-add='ssh-add -c'

to your ~/.bashrc file.
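As an added example that is not part of the original post, here is a shell function for ~/.bashrc that goes a bit further than the alias: it adds -c only to invocations that actually add a key (listing, deleting and locking pass through untouched), and it refuses to add a key when no askpass dialog can possibly appear, since in that state the agent would deny every signing request anyway. The list of fallback ssh-askpass locations is an assumption about common distributions; adjust it to your system.

```shell
#!/bin/sh
# Added example (not from the original post): enforce ssh-add -c from ~/.bashrc
# while keeping list/delete/lock invocations working exactly as before.

# Return 0 if the agent can show a confirmation dialog. Assumption: the agent
# inherited DISPLAY (and optionally SSH_ASKPASS) from the session that started
# it, because ssh-agent itself, not ssh-add, runs the askpass program.
askpass_possible() {
    [ -n "${DISPLAY:-}" ] || return 1
    if [ -n "${SSH_ASKPASS:-}" ]; then
        [ -x "$SSH_ASKPASS" ]
        return $?
    fi
    # Fallback locations are an assumption about common distributions.
    command -v ssh-askpass >/dev/null 2>&1 \
        || [ -x /usr/lib/ssh/ssh-askpass ] \
        || [ -x /usr/lib/openssh/ssh-askpass ] \
        || [ -x /usr/libexec/openssh/ssh-askpass ]
}

# Return 0 if this ssh-add invocation adds keys (no args = default keys, or
# key files given), 1 if it only lists, deletes, locks or unlocks.
needs_confirm() {
    for arg in "$@"; do
        case "$arg" in
            -l|-L|-d|-D|-x|-X|-e) return 1 ;;
        esac
    done
    return 0
}

# Wrapper: same name as the real command, so habits need not change.
ssh-add() {
    if needs_confirm "$@"; then
        if ! askpass_possible; then
            echo "ssh-add: no askpass dialog available (DISPLAY/SSH_ASKPASS unset);" \
                 "refusing to add a key that could never be confirmed" >&2
            return 1
        fi
        command ssh-add -c "$@"
    else
        command ssh-add "$@"
    fi
}
```

Source this from ~/.bashrc instead of the alias. The refusal is deliberate: a key added with -c into an agent that cannot prompt is a key that silently stops working the next time you ssh somewhere, and the "Agent admitted failure to sign" message above gives no hint why.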