Forwarding both gpg and ssh agents

Peter Lebbing peter at
Tue Jul 17 11:00:04 CEST 2018

On 16/07/18 23:35, Chris Coutinho wrote:
> Although some sources note the potential security holes of
> using this method, it works great for my use case

Well, yes, even the man page warns about the security implications. 
There's a reason I said "it's quite a while back" :-). I try to avoid 
it. The security implications are severe.

If it's just about passing a firewall, the ProxyJump / -J options of 
OpenSSH are much more useful. You can even chain them easily to pass 
ever more firewalls :-).

ssh -J -J


The ProxyCommand mentioned there has been made more convenient with the 
ProxyJump option that was added later; especially if we're talking about 
multiple jump hosts.

Agent forwarding is really about connecting two remote hosts together, 
which Proxy can't do.



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list