Hi everyone, Manoj has just explained to me that if brutus were compromised, and you were to log in using ssh agent forwarding, people would be able to get at /all/ of your /private/ ssh keys that are in the agent. This means that you should not under any circumstances use agent forwarding with brutus. The way to make sure of this under unix is to add these lines to the end of your ~/.ssh/config:
Host brutus.apache.org ForwardAgent no Just to be clear, this should be disabled by default, so it shouldn't be an issue for most of us. Agent forwarding is where you have an intermediate machine between the machine containing your private key and brutus. Cheers, Leo --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
