On Sunday, August 16 2009, Mike McGrath said:
I'm conflicted on this, there's valid points here but also
the risks are
fairly low. As far as disabling agent forwarding, that's trivial to
re-enable if the box gets rooted.
We could add something to the security doc suggesting something like the
following in ~/.ssh/config
Host
publictest*.fedoraproject.org
ForwardAgent no
Jeremy