| From: Giles Orr <gilesorr@gmail.com> | So I see that agent forwarding might be unwise if you don't trust the | administrator or the machine is compromised (and yes, you can never be | sure a machine is secure), but if you're worried about the security of | the remote host, storing private keys on it and reauthenticating seems | worse. Am I missing something? You could have a more limited identity on C for which you are willing to disclose enough on B so that it can authenticate with C. Your Identity on A is all powerful. You can SSH to B, proving you have this identity. You can ssh from B to C with a weaker identity. But, of course, the private key then needs to be on B (or you use a password, not really better). I don't recommend it, I just note it.