@NixAvem
I believe I am the same position. My very rough goal is: to access from my local box, the XXX service that runs under ‘root’. I suppose this must be done somehow by pivoting the user C****x (that i actually have access). The above link that @bergabman gave, put some light. I am working now with the ‘-g’ flag, but… what i miss (and this is because of the lack of knowledge too) is that i have NO IDEA how to use the secret file in this… “process”.
Overwhelming?.. well maybe! The sure is that I miss some important fact (call it knowledge) on this. But we R here to learn… huh? 
this is the goal…
Also, according to the way I would like to approach the solutions, I prefer to study more on this box, than to focus to another one…