Thoughts on NOPASSWD and disabling agent forwarding on publictest machines?

Jeremy Katz katzj at
Mon Aug 17 13:30:04 UTC 2009

On Sunday, August 16 2009, Mike McGrath said:
> I'm conflicted on this, there's valid points here but also the risks are
> fairly low.  As far as disabling agent forwarding, that's trivial to
> re-enable if the box gets rooted.

We could add something to the security doc suggesting something like the
following in ~/.ssh/config
  Host publictest*
     ForwardAgent no


More information about the Fedora-infrastructure-list mailing list