Comment Re:They haven't heard of ssh-add -c? (Score 1) 194
Yes, this is a great switch. I also like the vendor's strong warnings against running agent forwarding in high-risk environments. I'm really happy to see these comments because many companies are rolling in ssh as a drop-in for telnet/ftp and have too little clue regarding the forwarding issues: both port and agent. Additionally, when you read articles, like the one I mention, that use port forwarding to access lower-risk zone devices from higher-risk zones, well, you pretty much know it's time to do a public service announcement. One user I know was approached for the support person for a turnkey system. Yup, could use ssh and wouldn't need a regular VPN account. I think the discussion needs to go from talking about admins using ssh to users getting talked into enabling unwise connectivity maybe...

jt