ability to select which identity to forward when using "ForwardAgent" ?

Pablo Escobar pescobar001 at gmail.com
Mon Oct 5 01:04:46 AEDT 2020


On Sun, Oct 4, 2020 at 1:37 PM Lars Noodén <lars.nooden at gmx.com> wrote:

> One work-around [1] is to use an alias.
>
>   alias assh="ssh-agent ssh -o AddKeysToAgent=confirm \
>         -o ForwardAgent=yes"
>
> That approach will still respect what's in ssh_config(5) except for the
> two options it overrides.
>

Thanks for the suggestion. In a quick test the two drawbacks I found with
this approach are:

1) As I start a new agent I have to type the passwords for my private keys
again even if I already added them to my previously existing agent. When
using a bastion host with a different private key and the ssh option
"ProxyJump" or "ProxyCommand" this means typing two passwords.
2) bash autocomplete is not working when using an alias. I use autocomplete
a lot because I have few dozens of hosts entries in my ~/.ssh/config

In any case this seems the best alternative and I will use this approach by
now. I only wanted to mention the drawbacks I noticed in case this
information is useful for someone else.

Thanks for your advice.

regards,
Pablo.



>
> /Lars
>
> [1] https://vincent.bernat.ch/en/blog/2020-safer-ssh-agent-forwarding
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>


More information about the openssh-unix-dev mailing list