You should do this even if you're not using fail2ban. Otherwise any box you conn... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Tharkun on Sept 25, 2016 \| parent \| context \| favorite \| on: Ask HN: What are the best practises for using SSH ... You should do this even if you're not using fail2ban. Otherwise any box you connect to can enumerate all of your public keys, which could be a problem for some people.

zwily on Sept 25, 2016 [–]

I don't think doing this actually prevents that. Your full agent is still forwarded. You need to use a separate agent per key if you want to prevent the remote host from using your other keys.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact