From: Jeroen Massar jeroen@unfix.org To: Stanislav Sinyagin ssinyagin@yahoo.com Cc: Silvan Gebhardt gebhardt@openfactory.ch; "swinog@lists.swinog.ch" swinog@lists.swinog.ch Sent: Saturday, June 2, 2012 4:05 PM Subject: Re: [swinog] hosting for 1 powersupply with lan port
On 2 Jun 2012, at 05:49, Stanislav Sinyagin ssinyagin@yahoo.com wrote:
When I'm logged in to the VPS, I can do
ssh -A ssinyagin@1.2.3.4 with this command, the server 1.2.3.4 authenticates me through my public key, and the VPS acts as the SSH agent proxy. So, if that server has my public key in .ssh/authorized_keys, I'm easily in, and no security breach on the VPS would affect my security.
Unless the attacker is on the jumpbox as root as then they can also forward in the same way, but this should not happen ofcourse ;)
yes