OK, very good. Thanks so much for your help and time and giving me some peace of mind. I guess my next step is to now figure out how to get Rex (a tool for running commands on a remote machine) to make ssh calls as a forwarding agent. I'm pretty sure this can be done so I should be good.

On Wed, Dec 9, 2020 at 3:04 PM Brian Candler <b.candler@xxxxxxxxx> wrote:

> On 09/12/2020 19:49, Steve Dondley wrote:
> > Very interesting food for thought. So let me make sure I understand
> > what I need to do here as I try to reverse 2 decades of cluelessness
> > (I literally never heard of agent forwarding until last night):
> >
> > So I'll add the pem file with ssh-add on my local machine and then
> > I'll be able to log into C and then once in C I can run the scp
> > command to move files between B and A via the private network. Have I
> > got that right?
>
> Yep, as long as you've enabled agent forwarding (-A) when you login to C.
>
> With agent forwarding, an agent socket appears on host C. Any command
> you type there (such as "ssh B" or "scp B:foo A:bar") is able to talk to
> the agent socket, as if ssh-agent were running on host C.
>
> But in reality, the agent messages are passed back and forth over the
> ssh connection between your local host and C, to the ssh-agent running
> on your local host. Hence your private key never leaves your local host.
>
>

--
Prometheus Labor Communications, Inc.
http://prometheuslabor.com
413-572-1300

UnionConnect Phone App for Labor Unions
http://unionconnect.com
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
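
An added example, not part of the thread above: the agent messages Brian describes, framed and parsed in Python, to show that a client on host C only ever receives public key blobs and can only ask for signatures. The message numbers come from the ssh-agent protocol draft; the function names and the sample key and comment are constructed for illustration.

```python
import os, socket, struct

REQUEST_IDENTITIES, IDENTITIES_ANSWER, SIGN_REQUEST = 11, 12, 13  # agent message numbers

def ssh_string(data):
    """Encode bytes as an SSH 'string': uint32 length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def frame(msg_type, payload=b""):
    """Wrap one agent message: uint32 length, type byte, payload."""
    return struct.pack(">I", 1 + len(payload)) + bytes([msg_type]) + payload

def read_string(buf, off):
    """Decode one SSH string at buf[off:], rejecting truncated input."""
    if off + 4 > len(buf) or (end := off + 4 + struct.unpack_from(">I", buf, off)[0]) > len(buf):
        raise ValueError("truncated string")
    return buf[off + 4:end], end

def parse_identities(message):
    """Return [(key type, comment)] from a framed IDENTITIES_ANSWER."""
    if len(message) < 9 or struct.unpack_from(">I", message)[0] != len(message) - 4:
        raise ValueError("bad frame length")
    if message[4] != IDENTITIES_ANSWER:
        raise ValueError("not an identities answer")
    count, off, keys = struct.unpack_from(">I", message, 5)[0], 9, []
    for _ in range(count):
        blob, off = read_string(message, off)      # public key blob, never the private key
        comment, off = read_string(message, off)
        keys.append((read_string(blob, 0)[0].decode(), comment.decode()))
    return keys

def sign_request(key_blob, data, flags=0):
    """Build the request a client on host C sends to have data signed."""
    return frame(SIGN_REQUEST, ssh_string(key_blob) + ssh_string(data) + struct.pack(">I", flags))

def list_agent_keys(path=None):
    """Ask the agent behind SSH_AUTH_SOCK (forwarded or local) for its keys."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.connect(path or os.environ["SSH_AUTH_SOCK"])
        s.sendall(frame(REQUEST_IDENTITIES))
        reply = s.recv(4, socket.MSG_WAITALL)
        reply += s.recv(struct.unpack(">I", reply)[0], socket.MSG_WAITALL)
    return parse_identities(reply)

# Constructed sample: an all-zero ed25519 public key blob with a made-up comment.
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(32))
SAMPLE_ANSWER = frame(IDENTITIES_ANSWER, struct.pack(">I", 1)
                      + ssh_string(SAMPLE_BLOB) + ssh_string(b"constructed-key"))
```

Calling list_agent_keys() in a session on C that was opened with -A returns the keys held by the agent on the local host, the same list that ssh-add -l prints there.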