Ssh – Two-step remote ssh without password

passwordremotessh

I'm looking to ssh from my localhost to a remote server, and from there to a remote computer. I currently have it set up so that the remote computer and remote server have passwordless ssh-ing set up between them, but if I ssh from my localhost into the server, and then try to ssh to the computer from there, I get:

Enter passphrase for key '/home/user/.ssh/id_dsa': 
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,keyboard-interactive).

If I try to ssh from a terminal open on the remote server to the remote computer, it works just fine. Does it have something to do with my display not being :0.0, or something else entirely? I've tried xhost +local: but been lost past that.

Thanks

Best Answer

If both systems have the public key of your local system use -A.

From ssh(1)

-A      Enables forwarding of the authentication agent connection.  This
        can also be specified on a per-host basis in a configuration file.

Also be aware of this warning:

        Agent forwarding should be enabled with caution.  Users with the
        ability to bypass file permissions on the remote host (for the
        agent's UNIX-domain socket) can access the local agent through the
        forwarded connection.  An attacker cannot obtain key material from
        the agent, however they can perform operations on the keys that
        enable them to authenticate using the identities loaded into the
        agent.

The result is that when you auth against the second host the auth is forwarded all the way back to the host where you physically reside.

Example:

me@host0:~ $ ssh -A host1
Last login: Thu Jun 14 11:31:53 2012 from 2001:db8::b0
me@host1:~ $ ssh -A host2
Last login: Thu Jun 14 11:41:05 2012 from 2001:db8::b1
me@host3:~ $ ssh -A host3
Last login: Tue Jun 12 10:46:50 2012 from 2001:db8::b2
me@host3:~ $
Related Question