Linux – ssh agent forwarding when using bastion host

When using a bastion host (or Jumpbox) to connection to production server using ssh private keys, ssh agent forward can be used. The main advantage is that you wont have to copy you keys on bastion host and hence your keys are more secure.

Using command line option -A

Use -A option when connecting to bastion host. Then you can connect to target host without having to specify your keys again.


## On bastion host check env variable SSH_AUTH_SOCK

## now connect to from bastion host
$ ssh

Using ~/.ssh/config

Alternatively update ssh config file on you laptop/desktop to enable agent forwarding when connecting to

  ForwardAgent yes
Share this article: share on Google+ share on facebook share on linkedin tweet this submit to reddit


Click here to write/view comments