how to use ssh agent forwarding

networking server ssh ssh-agent
5,445

Solution 1

First you have to invoke ssh-agent on your client to make it remember your key

ssh-agent -t 3600 ~/.ssh/private_key_rsa

(assuming that your key is stored in ~/.ssh/private_key_rsa, you can also leave out the -t 3600 if you want infinite lifetime)

then you simply ssh into one of your servers using the -A option

ssh -A server1

from there you will then be able to ssh into server2

ssh server2

If you do not want to specify the -A option everytime you can add the following to your ~/.ssh/config (on the client and optionally both servers)

Host server1
 ForwardAgent yes

Host server2
 ForwardAgent yes

This works for any number of servers. To keep the ~/.ssh/config short you can introduce wildcards e.g.

Host server?
  ForwardAgent yes

Solution 2

Forward server host to localhost :

ssh -L localhost:22:localhost:22 user@host

or

ssh -N -f -L serverhost:22:localhost:22 user@server1

After reading your question again.

You want to ssh into server1 :

ssh user@server1

Then you want to ssh into server2:

Into new terminal from client do:

ssh user@server1
ssh user@server2

Then you have 2 connections:

  1. client to server 1
  2. client to server 1 ==> server 2

If you want to have:

  1. client to server 1
  2. client to server 2 (With same key.)

Just do following command.

On client:

Use tmux or open 2 terminals

ssh user@server1

In new terminal:

ssh user@server2
Share:
5,445

Related videos on Youtube

bojack horseman
Author by

bojack horseman

Updated on September 18, 2022

Comments

  • bojack horseman
    bojack horseman almost 2 years

    I have three systems , a client that only install ssh client and server_1 and server_2 . im using ssh public authentication and i can ssh from client to both server_1 and server_2. i saved same pub key for server 1 and and now i want to ssh from server 1 to server 2 using agent forwarding and i want my private key stay only on client please help me ASAP how can i do this scenario ? i use this link but dont know how to do it .

    An Illustrated Guide to SSH Agent Forwarding: Public Key Access with Agent Forwarding

  • bojack horseman
    bojack horseman over 6 years
    it didnt helped no public key error
  • An0n
    An0n over 6 years
    You want to forward or 'client to server1 and client to server2?'
  • bojack horseman
    bojack horseman over 6 years
    same pub key is stored on both server and i can ssh from client to both . now i want to use ssh agent forwarding to ssh from server 1 to 2 without private key save on server like link above
  • An0n
    An0n over 6 years
    Edited my answer.
  • bojack horseman
    bojack horseman over 6 years
    ur right in this case . but how can ssh from server 1 to server 2 directly without ssh from client to server 1 using key request and response . imagine server 1 system is some place else and i want ssh from that system to server 2 not from client
  • An0n
    An0n over 6 years
    You can' t unless you forward from server 1 to server 2. But then you cant ssh into server 1 separately. So you have to do it manualy.
  • An0n
    An0n over 6 years
    Or you use different ports. And forward from server1 (another port) to server2.
  • An0n
    An0n over 6 years
    You want to ssh "from that system" so you ALWAYS have to ssh into that system first, wherever you are. Otherwise you just dont use that system. In that system you forward to another server.
  • bojack horseman
    bojack horseman over 6 years
    so it should be like this : a->b->c ???
  • An0n
    An0n over 6 years
    yes as i did in my answer. Read after the edit the first lines.
  • bojack horseman
    bojack horseman over 6 years
    i did ur answer before but i thought i can connect to server 2 from server 1 seperatly
  • bojack horseman
    bojack horseman over 6 years
    using public key
  • bojack horseman
    bojack horseman over 6 years
    and ssh agent forwarding but i didnt find anything on net .
  • An0n
    An0n over 6 years
    If you can Edit your Question, Then I can Edit My Answer.
  • An0n
    An0n over 6 years
    What about server3?
  • mbeyss
    mbeyss over 6 years
    This works for any number of servers. (see also my recent edit). If all servers accept the same key you can do ssh -A server1 from there ssh -A server2 from there ssh -A server3 and so on.
  • MadMike
    MadMike over 2 years
    Which is also mentioned in the other answer ;)
  • Daniel
    Daniel over 2 years
    @MadMike right, but it's hard to find because of length of answer
  • Brent Sandstrom
    Brent Sandstrom over 2 years
    For anyone else having a brain fart moment: If you set up agent forwarding for a user, and then run sudo ssh it won't work because you're running ssh as root

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Corrupted MAC on input. ssh_dispatch_run_fatal:message authentication code incorrect unable to ssh jupyter notebook on remote server
ssh fails because port 22 doesn't work with AT&T Uverse
ssh: connect to host [ip] port 22: No route to host
Ubuntu server 16.04 can't ping outside IP's or domains or do updates
Open ssh error: packet_write_wait: Connection to x.x.x.x port 22: Broken pipe
SSH connection timed out externally, but works internally
SSH to the Ubuntu host machine from a Ubuntu VirtualBox guest?
How can I access to guest machine via ssh which has Bridged Adapter
Is PPTP a secure VPN-protocol?
Can't ssh into server, connection refused