- You might want to use SSH agent forwarding. This way you do not have to load your key on the server in any way - but it also bears a certain risk that a malicious user (e.g. another sudo user) on the remote system can also use it.
- PuTTY provides this setting (default off) at Connection->SSH->Auth->Allow agent forwarding.
- For OpenSSH, use
ssh -A
.
- Start via
eval $(ssh-agent)
in your current shell. - Add your default key via
ssh-add
. - Add a key by pasting it into stdin:
ssh-add -
andCTRL
+D
three times. Password will probably be shown in cleartext! Useclear
,reset
ortmux clear-history
afterwards. - List loaded keys:
ssh-add -l
orssh-add -L
- Use
ssh-add -x
to lock agent wirh a password andssh-add -X
to unlock. sudo -s
,sudo -i
and evensudo ssh [...]
will remove theSSH_AUTH_SOCK
environment variable pointing to the agent socket. In case ofsudo
ing to root,sudo -s --preserve-env=SSH_AUTH_SOCK
will work (other users will not work due to permissions).
Last active
June 16, 2022 16:32
-
-
Save debuglevel/50a2aa76348d308bd39f3b617580040e to your computer and use it in GitHub Desktop.
ssh-agent HowTo
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment