When you administrate machines it sometimes makes sense to forward your SSH agent information from your client A to the server B. Using agent forwarding you can use the authentication keys from client A on server B to for example properly authenticate on server C – without the need to copy your private SSH key to server B. One common example in my case is that I sometimes need to access Gitolite/Github repositories on server B but I do not want to copy my SSH key there.
Keep in mind that you previously have to add the wanted SSH key on client A via
$ ssh-add -c Identity added: /home/liquidat/.ssh/id_rsa (/home/liquidat/.ssh/id_rsa) The user must confirm each use of the key $ ssh -A server_b.example.net liquidat@server_b.example.net's password: Last login: Fri May 24 17:11:17 2013 from somewhereovertherainbow.example.com $ ssh firstname.lastname@example.org info hello liquidat, this is email@example.com running gitolite3 3.5.1-1.el6 on git 1.7.1 [...]
(Thanks to Evgeni for reminding me of the ‘-c’ flag.)