ssh-agent use in different security domains
Saku Ytti
saku at ytti.fi
Fri Feb 24 22:16:55 EST 2012
On (2012-02-24 13:05 +0200), Alan Barrett wrote:
> With ProxyCommand, you'd just do:
> a% ssh c scp file d:
>
> and the intermediate step of hopping through b would be handled by a
> ProxyCommand setting in your .ssh/config file:
>
> Host c
> ProxyCommand ssh -W %h:%p b
Curious. I need some cluebat, how does the key authentication work here.
D needs key which is only in a, but d is asking for it from c, is it not?
There is no magic lines for c<->d connectivity.
I know that you could easily daisy-chain ProxyCommand do to a->b->c->d ssh
connection, but does that mean you can also do a->b->c and c<->d, meaning
you're 'dropping out' in the middle?
--
++ytti
More information about the openssh-unix-dev
mailing list