Transferring files between servers on a private network?
Brian Candler
b.candler at pobox.com
Thu Dec 10 07:04:51 AEDT 2020
On 09/12/2020 19:49, Steve Dondley wrote:
> Very interesting food for thought. So let me make sure I understand
> what I need to do here as I try to reverse 2 decades of cluelessness
> (I literally never heard of agent forwarding until last night):
>
> So I'll add the pem file with ssh-add on my local machine and then
> I'll be able to log into C and then once in C I can run the scp
> command to move files between B and A via the private network. Have I
> got that right?
Yep, as long as you've enabled agent forwarding (-A) when you login to C.
With agent forwarding, an agent socket appears on host C. Any command
you type there (such as "ssh B" or "scp B:foo A:bar") is able to talk to
the agent socket, as if ssh-agent were running on host C.
But in reality, the agent messages are passed back and forth over the
ssh connection between your local host and C, to the ssh-agent running
on your local host. Hence your private key never leaves your local host.
More information about the openssh-unix-dev
mailing list