On 2005-02-05, Dani Camps <(E-Mail Removed)> wrote:
> I have three machines let's say A, B and C.
> I do the following :
>
> 1-from A I ssh B: A# ssh B
> 2-from B I ssh C: B# ssh C
>
> I am using public key authentication in both B and C, and the key that
> is allowed to access is one stored in A. So first I run ssh-agent in A
> and I load the key there, so the point 1 is perfect, from A I do ssh B
> and the connection is done.
>
> The problem is in the point 2, because to conect C I need a key that
> is loaded in A's ssh-agent. I know that is possible to do ssh-agent
> forwarding, so B uses the ssh connection that has with A to ask the
> A's ssh-agent for the key when he wants to authenticate with C. But I
> don't know how to configure this. I read somewhere that the only thing
> you need is to add in the ssh-client configuration file in B the
> following keyword "ForwardAgent yes", but I have tried this and is not
> working. I am using OpenSSH in all the machines.
I think this has to be on A. You have to say it on the first host
that you intend to use feature. If the server at B allows it, it
endows the shell at B with right environment, that the next ssh (B to C)
sees the keys.
>
> Any idea on how to enable this feature?
You can also use "ssh -A" on host A (the first ssh)
if you intend to use the feature.
You also need also your public key in authorized_keys(2) on B and C.
Maybe the ssh-server at B runs with no-agent-forwarding,
which disallows it.
Greetings David
> Maybe it was necessary to compile OpenSSH with this option otherwise
> now is not possible to use? Any solution then ?
>
> Thanks !
|
Similar Threads
Linear Mode
