Bruce, Thu, 7 Jul 2016 21:07:38 -0400: > Say I have 5 boxes on my network, > > box1 > box2 > box3 > box4 > box5 > > Each box has a generic user - user1, with limited perms/access > > On my local box, i create a pub/private ssh key. I copy the pub key to each > box.. > > From my local box, I can then ssh -using the priv/pub key into box1. > > From box1, can I then hop/ssh over to box2, using the pub key for the user1 > that I created/installed? Why don't you ssh into box2 directly? Anyway: if you use a ssh-agent on your local box, you can forward the connection to it by doing ssh -A box1 >From box1 you should now be able to ssh into box2 using the keys your local ssh-agent provides access to. The downside of using -A (or setting AgentForward in the config) is that anyone with sufficient rights to access the forwarded agent socket on box1 can use that to ssh into the other boxes impersonating you - i. e. a potential security risk you should be aware of. A different way to achieve your goal might be making use of OpenSSH's ProxyCommand option. But I don't know from the top of my head what exactly would have to be done. -- Regards mks -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
