How to check if SSH agent forwarding is running, from the remote server?

Question

Locally, I've turned on the SSH agent and I've added my key:

```
$ eval $(ssh-agent)
Agent pid 80
```

$ ssh-add
Identity added: /c/Users/...../.ssh/id_rsa (.....@........)

In my ~/.ssh/config, I have this:

Host example
    User root
    HostName 123.45.678.912
    ForwardAgent yes

Once I run ssh example, I am successfully connected and if I make a remote test connection to GitHub, I can see that I'm authenticated using my forwarded key:

root@example:~# ssh -vT git@github.com
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1j  16 Feb 2021
...
debug1: Will attempt key: .....@........ RSA SHA256:abc123/123456abcdefghi/abcdefg12+abcdefghij agent
...
debug1: Offering public key: .....@........ RSA SHA256:abc123/123456abcdefghi/abcdefg12+abcdefghij agent
debug1: Server accepts key: .....@........ RSA SHA256:abc123/123456abcdefghi/abcdefg12+abcdefghij agent
debug1: Authentication succeeded (publickey).
...
Hi ......! You've successfully authenticated, but GitHub does not provide shell access.

Is there a way to determine, on the remote machine, if agent forwarding works, without such a test connection?

This answer suggested using $SSH_AGENT_PID, but it's empty, on both the local and remote machine.

See for example https://unix.stackexchange.com/q/18838 – diya Nov 27 '22 at 09:39 — diya, Nov 27 '22 at 09:39

score 4 · Accepted Answer · answered Nov 27 '22 at 15:08

If the variable is not set on server, it means that agent forwarding is not working

Forwarding working example.

$ echo "$SSH_AUTH_SOCK"
# Print out the SSH_AUTH_SOCK variable
> /tmp/ssh-6hNGMk10AZC/agent.89543

Not working example

$ echo "$SSH_AUTH_SOCK"
# Print out the SSH_AUTH_SOCK variable
> [No output]
$ ssh -T git@github.com
# Try to SSH to github
> Permission denied (publickey).

How to check if SSH agent forwarding is running, from the remote server?

1 Answers1