I suggest you ...

Optional prompt before allowing authentication with forwarded agent

From "man ssh-add" on Ubuntu:

-c Indicates that added identities should be subject to confirmation before being used for authentication. Confirmation is performed by ssh-askpass(1). Successful confirmation is signaled by a zero exit status from ssh-askpass(1), rather than text entered into the requester.

This important security feature prevents unauthorized usage of SSH keys in your forwarded ssh-agent. Termius should show a confirmation prompt when a signing request is received when the ssh-agent has been forwarded.

It would be extra helpful (though not critical) to support the same options as Kryptonite: allow once, allow all for one hour, reject

9 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Brandon G shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    0 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base