On 5/24/20 3:55 AM, David A. Pocock wrote: > I can't relate; doing this from OpenBSD6.7 to OpenBSD6.7 the ecdsa forward > through and show up via ssh-add without any issues (and allow using the > intermediary host without having the keys present (and being able to choose > keys as per the initial question).
If you want to use a specific agent-forwarded key on the intermediary host, you can put the public key (sic!) in a file on the intermediary host and use that file with the -i option or in the config file. The private key for doing the signature during authentication is then automatically selected from the agent. /m