Filtering which identities are forwarded by ssh-agent to a given host

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Howdy,

I'm looking for a way to restrict which ssh keys are forwarded to a 
given remote host because we have several ssh domains.  That is, I have 
two keys which I use throughout the day:
  .ssh/network-a-2014-10-12
  .ssh/network-b-2014-11-22

I need to forward my network A key to the ssh gateway host for Network A
to allow me to log into hosts on the other side of the gateway but I 
can't have the key for Network B to be forwarded.  Similar thing for 
Network B.  Deleting and adding is painful at best.  I've experimented 
with IdentiesOnly=yes and IdentityFiles but on the network A gateway I 
still see all of my loaded keys including Network B.  Is there a way to 
do this already?  If not, would a Buzilla enhancement request be 
welcome?  Perhaps requesting something along the lines of:

Host network-a-gateway.example.com
        ForwardIdentity      .ssh/network-a-2014-10-12
and allow additional ForwardIndenty to allow additional keys.

        Thank you,
        Bill
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux