Hi.
After an upgrade, we are having trouble with openssh and agent
forwarding, and are stumped at trying to find the source of our
troubles. Any pointers to help us debug would be appreciated:
Previously, we had
(a) developer workstations, with our ssh keys in the normal place:
~/.ssh/id_rsa{,.pub}
(b) Prod machine B, with ~/.ssh/authorized_keys{,2}
(containing the public keys of our developers).
(c) Prod machine C, set up like B
On developer boxes, we have /etc/ssh/ssh_config with the following
(assume C is the domain name of the said production machines):
Host C
ForwardAgent yes
With this setup, we were able to execute the following two commands from
an ssh session to machine B:
ssh C ls
sudo ssh somename@C ls
This was on Ubuntu Gutsy, with openssh version 1:4.6p1-5ubuntu0.5 and
sudo version 1.6.8p12-5ubuntu2.
Then we upgraded to Ubuntu Hardy, with openssh version
1:4.7p1-8ubuntu1.2 and sudo version 1.6.9p10-1ubuntu3.2.
After the upgrade, we can still do
ssh C ls
But NOT
sudo ssh somename@C ls
Should it be possible to let agent forwarding work like this "through"
sudo?
Where do we go to search for the problem?
It certainly was working before...
Thanks
- Iwan
