Hi Bertrand, On Tue, Jul 31, 2018 at 06:26:11PM +0100, Bertrand Jacquin wrote: > I know old farts don't change, but for the two cents, newer version of > OpenSSH (>= 6.7) and GnuPG (>=2.1.1) allow you to forward GnuPG agent over > SSH with reduce capacity to reduce the attack surface you are mentioning. > More details are available on https://wiki.gnupg.org/AgentForwarding
Thanks for the info, I can possibly have a look at this. It could be a reasonable option indeed, which limits the exposure of the agent in time. Cheers, Willy