↳ In-reply-to » For the record, the third thing is to activate agent forwarding. In ~/.ssh/config:

@lyse@lyse.isobeef.org Hm, I’m not sure I would want to do that:

ForwardAgent
    ...

    Agent forwarding should be enabled  with  caution.   Users
    with  the ability to bypass file permissions on the remote
    host (for the agent's Unix-domain socket) can  access  the
    local agent through the forwarded connection.  An attacker
    cannot  obtain  key  material from the agent, however they
    can perform operations on the keys that enable them to au‐
    thenticate using the identities loaded into the agent.