Re: ssh private keys on our systems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Oh, so it's more like tunnelling SSH in SSH, similar to X11 in SSH or SOCKS through SSH?

I just remember that last time I connected I think I had to use agent forwarding. I may be wrong, I was tired while writing this email last night.

On Oct 4, 2011 6:00 AM, "Kevin Fenzi" <kevin@xxxxxxxxx> wrote:
> On Tue, 4 Oct 2011 00:43:51 -0700
> Darren VanBuren <onekopaka@xxxxxxxxx> wrote:
>
>> The recommended method is using agent forwarding at this time
>> according to
>> http://infrastructure.fedoraproject.org/infra/docs/sshaccess.txt
>
> No, there's no need for agent forwarding, and thats hopefully not what
> the policy / sop says. ;)
>
> It uses ssh -W, which basically just forwards stdout/stdin to the
> remote machine (or you can use nc, which does the same exact thing).
>
> This means you authenticate to bastion, then run the command to forward
> things and all the rest of your communication is with whatever machine
> you are connecting to. No agent. No private keys stored on shared
> machines. No need to ssh to a machine then ssh to another one, it's all
> in one command.
>
> kevin
>
>
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux