2
Is this scenario possible:
~/.ssh/id_dsa/id_rsa) ?
perler
Posted 2012-08-01T12:32:33.937
Reputation: 151
4
Yes, that is possible and called SSH Agent Forwarding.
The nifty thing is, you can selectively let remote servers access your local ssh-agent as if it was running on the server. This is sort of like asking a friend to enter their password so you can use their computer.
In *nix, this would be as simple as adding the following to your ~/.ssh/config file:
Host example.com
ForwardAgent yes
Obviously, you have to replace example.com with the hostname of the server you want to forward your local key to.
With PuTTY and Pageant, all you have to do is set up a session where agent forwarding is allowed in the Auth panel.
See here about using Pageant for agent forwarding in general.
slhck
Posted 2012-08-01T12:32:33.937
Reputation: 182 472
Wow quick and elegant answer +1. I liked this this comprehensive illustrated guide http://www.unixwiz.net/techtips/ssh-agent-forwarding.html
– amotzg – 2012-08-01T13:13:48.650something is missing..
`debug1: Host 'github.com' is known and matches the RSA host key. debug1: Found key in /pat/.ssh/known_hosts:24
..
debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: /pat/.ssh/identity debug1: Trying private key: /pat/.ssh/id_rsa debug1: Offering public key: /pat/.ssh/id_dsa debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. `
~/.ssh/config:
Host github.com ForwardAgent yes
putty: http://screencast.com/t/CVYgqk4Z2SnH
Ok, maybe I phrased my question wrong.
I'm not talking about this scenario: http://www.unixwiz.net/techtips/ssh-agent-forwarding.html#fwd where the connection to server2, in this case github, is issued at the "home pc". the connection is issued from the server to server2 out of an ssh session which was previously established from the homepc to the server.
should this be possible too?
Ok, solved it.
This is something I stumble over from time to time, it's the darned "screen" window manager. as when opening a new screen window (ctrl-a c) parts of the environment is appearently not reread, the changes in the config to make this all happen are not yet active.
so, the easiest is to do a "killall screen" which kicks you out of the server and reestablish the connection to the server, start a new screen session and now everything works. – perler – 2012-08-02T08:31:54.463
@perler I'm exactly talking about the situation where you connect from "home" to a "server" and this server talks to GitHub, but using your home's SSH key. This is also what the GitHub manual explains. – slhck – 2012-08-02T08:37:16.827