[lug] ssh-agent / ssh-add and picking up credentials used to log into remote system

Zan Lynx zlynx at acm.org
Mon Nov 20 16:14:41 MST 2017


On Mon, Nov 20, 2017 at 03:31:37PM -0700, Bear Giles wrote:
> Hi, I'm sure I had this working before but I've hit it again with a new
> jump host on AWS. I know there's a way to set up ssh-agent and ssh-add so I
> can carry the credentials through ssh calls but I'm missing it at the
> moment.
> 
> I have 'ForwardAgent yes' in my .ssh/config file and run ssh-agent and
> ssh-add in my .profile. (more precisely I've added "eval `ssh-agent -s`").
> However the list of identities is empty.
> 
> What am I missing?

Don't forget to turn on ForwardAgent on the jump host as well. You need
to keep forwarding the agent.

It's also possible that the OS on the jump host has disabled forwarding
in the sshd for some security reason. That's AllowAgentForwarding in
sshd_config.

And if you've copied your profile around make sure you only run an
ssh-agent if you don't already have one. It's possible you are running
another one and overwriting the environment variable. The new agent
won't have your keys.
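
A guard for the last point in the reply above, as an added example that is not part of the original message: it starts a new agent only when `ssh-add -l` cannot reach one through `SSH_AUTH_SOCK`. The function names and the `SSH_ADD` / `SSH_AGENT` override variables are assumptions made for this example.

```shell
# Added example for ~/.profile (not from the original thread).
# SSH_ADD / SSH_AGENT are hypothetical overrides so the logic can be
# exercised with stub commands; by default the real tools are used.
SSH_ADD=${SSH_ADD:-ssh-add}
SSH_AGENT=${SSH_AGENT:-ssh-agent}

# Classify whatever answers on $SSH_AUTH_SOCK, using ssh-add's exit status:
#   0 = identities listed, 1 = agent reachable but empty, 2 = no agent.
agent_state() {
    if [ -z "${SSH_AUTH_SOCK:-}" ]; then
        echo none
        return 0
    fi
    rc=0
    "$SSH_ADD" -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo has-keys ;;
        1) echo empty ;;
        *) echo none ;;      # stale socket or missing tool: treat as no agent
    esac
}

# Start an agent only when none is usable. The result is left in
# AGENT_ACTION because the eval must run in the current shell.
ensure_agent() {
    case $(agent_state) in
        none)
            # No usable agent: start one and load the default identities.
            eval "$("$SSH_AGENT" -s)" >/dev/null
            AGENT_ACTION=started
            "$SSH_ADD"
            ;;
        *)
            # A local or forwarded agent already answers. Starting another
            # would overwrite SSH_AUTH_SOCK with an agent that has no keys.
            AGENT_ACTION=reused
            ;;
    esac
}

# Run only in interactive shells so non-interactive sessions spawn no agents.
case $- in
    *i*) ensure_agent ;;
esac
```

On the jump host, `agent_state` printing `none` right after login means the agent was not forwarded at all, while `empty` means an agent is reachable but holds no keys.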

