Enabling ssh-agent?

Hans Fugal hans at fugal.net
Fri Apr 4 08:35:24 MDT 2008


Steven Alligood wrote:
> Charles Curley wrote:
>> On Wed, Apr 02, 2008 at 03:17:48PM -0600, Andrew Jorgensen wrote:
>>  
>>> But if I understand your situation what you really want is agent
>>> forwarding (ssh -A).  You're going from host A to host B and then from
>>> host B to host C?  Or you may want something like keychain
>>> <http://www.gentoo.org/proj/en/keychain/>.
>>>     
>>
>> I want to SSH from A to B. Then I want to use B's keys to log in from
>> B to C.
>>
>>   
> 
> That's ssh forwarding.  You can ssh -A or set it in the ssh_config file.

No, it's not. If he wanted to use A's key to log into C it would be ssh 
forwarding. I like ssh forwarding.

I second the recommendation of keychain. 
http://www.gentoo.org/proj/en/keychain/

It is easy to set up and takes care of all the details of ssh-agent for 
you. When I was using lab computers frequently I wrote a little 
scriptlet in my .bash_logout that knows whether to stop the ssh agent or 
let it continue to run based on whether I trusted the computer.

if [ -n $KEYCHAIN ] && [ ! -e ~/.keychain/trusted ]; then
     keychain -q -k
fi


-- 
Hans Fugal ; http://hans.fugal.net

There's nothing remarkable about it. All one has to do is hit the
right keys at the right time and the instrument plays itself.
     -- Johann Sebastian Bach



More information about the PLUG mailing list