ssh-agent use in different security domains
Saku Ytti
saku at ytti.fi
Fri Feb 24 21:25:25 EST 2012
I just had discussion about another usage case for ssh agent forwarding,
which I'm not sure ProxyCommand can fix, am I missing something, or is
there after all usage case for agent forwarding?
Consider this: http://www.asciiflow.com/#7099563569916439048/817014389
How can you scp file from c to d, when you're sitting on a.
a is in internet and has low speed connection
b is secure jump box
c,d can't be reached from internet, but can reach each other directly
You don't want to pull file to a, but do it directly to c->d.
With agent forwarding you could do
a% ssh b ssh c scp file d:
--
++ytti
More information about the openssh-unix-dev
mailing list