Thursday, October 25, 2018

Using ssh-agent to do ssh agent forwarding

Normally, in order to use a key to login to a server, you need to have the ssh private key inside the machine you are initiating your ssh connection from, and the server needs to have a matching public key already recorded in .ssh/known_hosts. The private key is supposed to be private, and cannot be put everywhere and anywhere.

To overcome this, we can use ssh-agent command, with ssh agent forwarding (-A) feature of ssh.

Start ssh-agent

$ eval `ssh-agent`

OR

$ ssh-agent bash 


Use the agent forwarding feature of ssh to jump through many servers using the same key
$ ssh -A -i mine.key mine@server1

When you want to jump to server2, just run:
$ ssh -A mine@server2

and you will be connected to server2 using the same key (provided you already register the matching public key inside server2)

Once you have finished, do not forget to exit your ssh-agent, by typing exit, or killing the ssh-agent pid

$ kill `pidof ssh-agent`