I've been looking for a solution to the following problem for the past 2 hours with no luck.
Development:
I'm using publickey authentication to connect to my servers. I use ssh-agent forwarding in order to not have to manage public/privates keys.
Let's say I have servers A, B and C
.
This works very well if I connect from LOCAL ---> A ---> B
.
It also works very well if I do LOCAL ---> A ---> C
.
Now, if I try LOCAL ---> A ---> B ---> C
, SSH can't connect from B to C
.
Worth noting: I connect to server A as liquidity, whereas I connect to server B as root. Connecting to server B as liquidity fixes the problem, but this is not an option for me.
As per the recommendation of a user, I use ssh -A
each time to make sure that agent forwarding is enabled.
I found one similar question, with no answer here: Is it possible to chain ssh-agent forwarding through multiple hops?
According to @Zoredache here: https://serverfault.com/a/561576/45671 I just need to adjust my client configuration on each intermediate system. Which I believe I did.
Best Answer
To have agent forwarding work through multiple hops you simply to need adjust your client configuration on each intermediate system so that agent forwarding.
It could be as simply as making sure your
/etc/ssh/ssh_config
has this configured. But if you have per-client configs in~/.ssh/config
you may need to adjust those settings as well.You can see if agent forwarding happened or if there was an errorif you just add the
-v
option.Also verify you have a valid environment variable set.