SSH with public key authentication is seen as a robust and secure solution and as security professionals one we all recommend. But is this approach as secure as we think? Despite the warnings, many users remain oblivious to the dangers of ssh-agent forwarding and how sever administrators can abuse this trust to use your keys against you. In this talk we demonstrate new ways to weaponise the process of ssh-agent based attacks and how to defend yourself.