0

I am using Vagrant to spin up a multi-VM environment (VirtualBox Hostonly mode). Each VM has ssh agent forwarding enabled. As "vagrant" user, I am able to connect to my Bitbucket account and checkout repositories from within the VMs. Here are relevant console logs:

[vagrant@ci-server ~]$ echo $SSH_AUTH_SOCK 
/tmp/ssh-BtewZz3383/agent.3383

[vagrant@ci-server ~]$ ssh -T git@bitbucket.org
logged in as <my-bitbucket-account>.

You can use git or hg to connect to Bitbucket. Shell access is disabled.
[vagrant@ci-server ~]$

Each VM also has a user, "go". When I'm logged in as "go" and try to connect to Bitbucket , it throws an error. Even SSH_AUTH_SOCK is not set:

[vagrant@ci-server ~]$ sudo su - go

[go@ci-server ~]$ echo $SSH_AUTH_SOCK

[go@ci-server ~]$ ssh -T git@bitbucket.org
Permission denied (publickey).
[go@ci-server ~]$

The sudoers file has:

Defaults    env_keep += "SSH_AUTH_SOCK"

So, ssh-agent connections should get fwded when "vagrant" sudos into "go". What am I missing here?

The host is a Mac OS X 10.8 while the VMs are CentOS 6.5 boxes.

Thanks!

Tushar
  • 81
  • 5
  • Wouldn’t you need to use the key file from the `vagrant` account and ensure that the `SSH_AUTH_SOCK` environment variable is set in the `go` account? – Buck Doyle May 26 '14 at 05:36
  • Why would you like to do that ? Why not simply configure Bitbucket deployment key for go-account ? That's how I configure my Go CD servers. – user272735 May 28 '14 at 19:58

1 Answers1

0

So, ssh-agent connections should get fwded when "vagrant" sudos into "go". What am I missing here?

You are using sudo and su - together and this is:

  1. overkill because sudo alone would do the job;
  2. bad because su - resets your environment, erasing the SSH_AUTH_SOCK variable that you need.

Try using only sudo --shell --user=go to get a shell as that user.

Kolargol00
  • 1,697
  • 2
  • 17
  • 21