[$] Restricting SSH agent keys

The OpenSSH suite of tools forsecure remote logins is used widely within our communities; it alsounderlies things like remote Git repository access.A recent experimental feature for the upcoming OpenSSH 8.9 releasewill help close a security hole that can be exploited by attacker-controlled SSH servers (e.g. sshd) when the user is forwardingauthentication to a local ssh-agent. Insteadof allowing the keys held in the agent to be used for authenticating to anyhost where they might work, SSH agent restriction will allow users to specify where and how those keys can beused.