Suppose servers myLaptop, A and B. The same ssh-agent should allow me to go over A and B without re-adding the ssh-agent in the server A to go to B.

$ eval `ssh-agent`; ssh-add ~/.ssh/mePriv   #In myLaptop
$ ssh me@kosh.A.com                         #Works without typing pwd
$ ssh me@triton.A.com                       #Won't work, ssh-agent not alive in A?!   
$ eval `ssh-agent`; ssh-add ~/.ssh/mePriv; ssh me@triton.A.com #Works, dupe...

where now I have the ssh-agent running in myLaptop and in A. Is there some easy way so that I could only have the ssh-agent set up once in myLaptop without retyping everything again in A?

P.S. I am not sure about the technical terms, but the same thing I am trying to achieve here, connecting to server B through server A, can be done with something like ssh-forwarding/ssh-tunneling; I am not sure about the correct terminology. For this question, focus on ssh-agent. The easiest solution would be much appreciated!

hhh
  • What's the point of running ssh-agent via eval? You can directly run it. `ssh-agent; ssh-add ~/.ssh/mePriv` – BMW Feb 10 '14 at 05:38
  • This question appears to be off-topic because it is not about programming. http://unix.stackexchange.com/ can be a better place to ask. – Eugene Mayevski 'Callback Feb 10 '14 at 07:40
  • @BMW `ssh-agent; ssh-add ~/.ssh/uni Could not open a connection to your authentication agent.` but with eval it works, I don't fully understand the reason. – hhh Feb 10 '14 at 13:58
  • Can you remove eval, then run the rest? Maybe your problem is fixed. – BMW Feb 10 '14 at 21:01
  • @BMW I can remove the first eval but not the second `"eval \`ssh-agent\`"` or it will ask password again -- I am not sure whether this is a feature: you need to recreate ssh-agent in every client, is this true? – hhh Feb 10 '14 at 21:47
  • Please, move this question to server fault. It does not belong here. – Léo Léopold Hertz 준영 Mar 25 '14 at 20:12
  • @hhh Please, see this thread http://serverfault.com/questions/568715/ssh-add-and-contacting-server-unsuccessfully – Léo Léopold Hertz 준영 Mar 25 '14 at 20:14

1 Answer

Please, see the answer here.

In short:

  • run ssh-keygen on your server
  • move the private key id_rsa to your laptop's $HOME/.ssh/id_rsa
  • remove the private key id_rsa from your server
  • create the following $HOME/.ssh/config on your laptop
  • run ssh-add $HOME/.ssh/id_rsa
  • copy the public key to the laptop's $HOME/.ssh/id_rsa.pub
  • add the public key to the server's $HOME/.ssh/authorized_keys

Have .ssh/config like

Host server.myhomepage.com
  User masi
  Port 22
  Hostname server.myhomepage.com
  IdentityFile ~/.ssh/id_rsa
  TCPKeepAlive yes
  IdentitiesOnly yes
Léo Léopold Hertz 준영
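
An added example, not part of the answer above or of either poster's setup: two alternative laptop-side `~/.ssh/config` stanzas for the question's two hops, so the agent started once on the laptop covers both. It assumes kosh.A.com plays the role of server A and triton.A.com the role of server B, and that the OpenSSH client is 7.3 or later for `ProxyJump`; the alias `triton` is made up for the example. Keep one variant, not both.

```sshconfig
# Added example for the laptop's ~/.ssh/config. Host names, user and key path
# come from the question; treating kosh as "A" and triton as "B" is an assumption.
# In both variants the agent is started and the key added once, on the laptop:
#   eval `ssh-agent`; ssh-add ~/.ssh/mePriv

# Variant 1: agent forwarding.
# Log in with `ssh me@kosh.A.com`, then run `ssh me@triton.A.com` on kosh.
# The signing request travels back to the agent on the laptop, so no second
# ssh-agent or ssh-add is needed on kosh.
# Caveat: while the session is open, anyone with root on kosh can use the
# forwarded agent socket to authenticate as you. Enable forwarding for the
# one host that needs it, never under `Host *`.
Host kosh.A.com
  User me
  IdentityFile ~/.ssh/mePriv
  ForwardAgent yes

# Variant 2: jump host.
# `ssh triton` on the laptop tunnels through kosh to triton.A.com.
# Both authentications are performed by the laptop's ssh client against the
# laptop's agent, so the agent is never exposed on kosh.
Host triton
  HostName triton.A.com
  User me
  IdentityFile ~/.ssh/mePriv
  ProxyJump me@kosh.A.com
  ForwardAgent no
```

With variant 2 the public key must be in `authorized_keys` on both kosh and triton, exactly as it already must be for the two-step login in the question.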