Re: ssh again..

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bruce, Thu, 7 Jul 2016 21:07:38 -0400:

> Say I have 5 boxes on my network,
> 
> box1
> box2
> box3
> box4
> box5
> 
> Each box has a generic user - user1, with limited perms/access
> 
> On my local box, i create a pub/private ssh key. I copy the pub key to each
> box..
> 
> From my local box, I can then ssh -using the priv/pub key into box1.
> 
> From box1, can I then hop/ssh over to box2, using the pub key for the user1
> that I created/installed?

Why don't you ssh into box2 directly?
Anyway: if you use a ssh-agent on your local box, you can forward the
connection to it by doing

ssh -A box1

>From box1 you should now be able to ssh into box2 using the keys your
local ssh-agent provides access to.

The downside of using -A (or setting AgentForward in the config) is that
anyone with sufficient rights to access the forwarded agent socket on
box1 can use that to ssh into the other boxes impersonating you - i. e.
a potential security risk you should be aware of.

A different way to achieve your goal might be making use of OpenSSH's
ProxyCommand option. But I don't know from the top of my head what
exactly would have to be done.

-- 
Regards
  mks
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://lists.fedoraproject.org/admin/lists/users@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux