Linux – ssh agent forwarding when using bastion host

on

When using a bastion host (or Jumpbox) to connection to production server using ssh private keys, ssh agent forward can be used. The main advantage is that you wont have to copy you keys on bastion host and hence your keys are more secure.

Using command line option -A

Use -A option when connecting to bastion host. Then you can connect to target host without having to specify your keys again.

$ ssh -i PRIVATE_KEY_FILE -A bastionhost.com

## On bastion host check env variable SSH_AUTH_SOCK
$ echo $SSH_AUTH_SOCK
/tmp/ssh-gDJRG7maIa/agent.26247

## now connect to productionhost.com from bastion host
$ ssh productionhost.com

Using ~/.ssh/config

Alternatively update ssh config file on you laptop/desktop to enable agent forwarding when connecting to bastionhost.com

Host bastionhost.com
  ForwardAgent yes

Suggested posts:

  1. How to create simple animation using Inkscape and Jquery
  2. How to migrate wordpress from root to sub directory
  3. Find image unique colors and bit depth using imagemagick identify
  4. Mysql – display row count and size of tables
  5. Custom terminal tab title and ssh on mac
  6. Setup xdebug for remote wordpress debugging
  7. Docker managing images – command line cheat sheet
  8. How to use exerciser monkey tool for android stress testing
Share this article: share on facebook share on linkedin tweet this submit to reddit
Posted in | Tagged , , , ,