Emphasise that agent forwarding exposes all keys.

author Jacob Nevins <jacobn@chiark.greenend.org.uk>

Fri, 25 Mar 2016 00:18:18 +0000 (00:18 +0000)

committer Jacob Nevins <jacobn@chiark.greenend.org.uk>

Fri, 25 Mar 2016 13:15:57 +0000 (13:15 +0000)
author Jacob Nevins <jacobn@chiark.greenend.org.uk>
Fri, 25 Mar 2016 00:18:18 +0000 (00:18 +0000)
committer Jacob Nevins <jacobn@chiark.greenend.org.uk>
Fri, 25 Mar 2016 13:15:57 +0000 (13:15 +0000)
diff --git a/doc/pageant.but b/doc/pageant.but

index b16503182e8b532723bd52254dac1c0f0288c168..f25119dd1ead10691c1583db1efe877f58c7c2e0 100644 (file)
--- a/doc/pageant.but
+++ b/doc/pageant.but
@@ -260,10 +260,10 @@ as long as they want.
  However, the sysadmin of the server machine can always pretend to be
  you \e{on that machine}. So if you forward your agent to a server
  machine, then the sysadmin of that machine can access the forwarded
-agent connection and request signatures from your private keys, and
-can therefore log in to other machines as you. They can only do this
-to a limited extent - when the agent forwarding disappears they lose
-the ability - but using Pageant doesn't actually \e{prevent} the
+agent connection and request signatures from any of your private keys,
+and can therefore log in to other machines as you. They can only do
+this to a limited extent - when the agent forwarding disappears they
+lose the ability - but using Pageant doesn't actually \e{prevent} the
  sysadmin (or hackers) on the server from doing this.
  
  Therefore, if you don't trust the sysadmin of a server machine, you
author	Jacob Nevins <jacobn@chiark.greenend.org.uk>
	Fri, 25 Mar 2016 00:18:18 +0000 (00:18 +0000)
committer	Jacob Nevins <jacobn@chiark.greenend.org.uk>
	Fri, 25 Mar 2016 13:15:57 +0000 (13:15 +0000)