I was using authy-ssh on a gateway server in AWS, to talk to other machines that weren't accessible from the public internet, before I found out about #30. Allowing port forwarding without the second factor in my use case was the same as having no 2-fac auth at all. That's a pretty big deal, and if it can't be fixed, I'm surprised it's not documented in the README.
#40 might also be a big deal for a lot of use cases.
I was using authy-ssh on a gateway server in AWS, to talk to other machines that weren't accessible from the public internet, before I found out about #30. Allowing port forwarding without the second factor in my use case was the same as having no 2-fac auth at all. That's a pretty big deal, and if it can't be fixed, I'm surprised it's not documented in the README.
#40 might also be a big deal for a lot of use cases.