KeyForward property will be used only when
PrivateKey property
is also set and holds private key that will be used in subsequent
authentications. So, when PrivateKey property is set, KeyForward
property allows a chain of subsequent SSH connections to forward key
challenges back to the wodSSH, removing the need for passwords or
private keys on any intermediate machines.
In other words, when you connect to 1st SSH server (which has
your public key in his records), you can then initiate connection
from that server to 2nd server (and has same public key in his
records). When 2nd server requires authentication, challenge is
routed (through SSH encrypted channel) back to wodSSH, which sends
response back to 2nd server and successfully authenticates it. Same
rule applies for any other SSH server in the chain.
This allows you to have private key only stored locally, on your
own PC, and you can "hop" from server to server easily. You do not
need to store private key anywhere else on intermediate servers.
KeyForward
Property
