ssh agent forwarding with many identities

Posted by Eddified on Super User See other posts from Super User or by Eddified
Published on 2013-10-22T21:21:01Z Indexed on 2013/10/22 21:57 UTC
Read the original article Hit count: 372

Filed under:

ssh

|

ssh-agent

I have setup ssh agent forwarding, and I know it works. I also have many keys setup in the agent. The problem is there are so many keys that I get:

Received disconnect from XXX.XXX.XXX.XXX: 2: Too many authentication failures for bob

The way around this is to use IdentitiesOnly=yes so that ssh will only send the identity you want it to for the specified host. I've also gotten this implemented and I know it works, without agent forwarding.

Now, I'm trying to combine the two features. That is, I want to use agent forwarding, but also be able to specify which identity to use when connecting. Problem is, I can't figure out how to do this.

So, I want to connect from box A through box B to box C. Box A has all of the identity files and the ssh agent running. I want to edit box A or B's ssh config file(s) to use a specific identity that exists in box A's agent (which is being forwarded).

© Super User or respective owner

Related posts about ssh

Problem with hadoop start-dfs.sh

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I installed and configured hadoop on my Ubuntu 14.04 server, virtualized inside of hyper-v, however I am getting an issue when i run start-dfs.sh root@sUbuntu01:/var/log# start-dfs.sh 14/06/04 15:27:08 WARN util.NativeCodeLoader: Unable to load native-hadoop library for your platform... using builtin-java… >>> More
SSH problems (ssh_exchange_identification: read: Connection reset by peer)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I was running 11.10 and decided to do the full upgrade and come up to 12.04 after the update SSH (not SSHD) is now misbehaving when attempting to connect to other OpenSSH instances. I say OpenSSH as I am running a DropBear sshd on my router and I am able to connect to it. When attempting to connect… >>> More
SSH main process ended

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a running ubuntu server 10.04.1. When I tried to login to the server via ssh, I could not. Instead, I got connection refused error. I tried to ping the machine and I got reply! So, the clear reason is that SSH daemon is stopped. After reboot, I was able to login to my server via ssh. After… >>> More
SSH server not working (respawns until stopped)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a running Ubuntu Server 10.04.1. When I tried to login to the server via ssh, I could not. Instead, I got connection refused error. I tried to ping the machine and I got reply! So, the clear reason is that SSH daemon is stopped. After reboot, I was able to login to my server via ssh. After… >>> More
Cannot SSH after resetting firewall on VPS

as seen on Server Fault - Search for 'Server Fault'
I'm having trouble trying to SSH to my Debian 5 VPS with blacknight. It was working fine until I did the following: Logged into 'Parallels Infrastructure Manager' - Container - Firewall - Set to 'Normal Firewall settings'. It told me there was an error with the IPTables and offered the option again… >>> More

Related posts about ssh-agent

How to enable key forwarding with ssh-agent?

as seen on Server Fault - Search for 'Server Fault'
I've used the ssh-agent from oh-my-zsh to manage my SSH key. So far, so good, i only have to type the passphrase for my private key once when I start my shell and public key authentication works great. The problem is however that key forwarding doesn't work. There are 2 servers A & B which I… >>> More
ssh-agent key timeout with screen or tmux on bastion host

as seen on Super User - Search for 'Super User'
Normally I have ssh-agent running, I ssh to my bastion host then open a tmux session and connect to other boxes through that. Key forwarding works for any sessions that I open from that point forward. If I resume my tmux session after closing terminal, sleeping my laptop, whatever, my key forwarding… >>> More
Choose identity from ssh-agent by file name

as seen on Server Fault - Search for 'Server Fault'
Problem: I have some 20-30 ssh-agent identities. Most servers refuse authentication with Too many failed authentications, as SSH usually won't let me try 20 different keys to log in. At the moment, I am specifying the identity file for every host manually, using the IdentityFile and the IdentitiesOnly… >>> More
Sharing the same `ssh-agent` among multiple login sessions

as seen on Super User - Search for 'Super User'
Is there a convenient way to ensure that all logins from a given user (ie me) use the same ssh-agent? I hacked out a script to make this work most of the time, but I suspected all along that there was some way to do it that I had just missed. Additionally, since that time there have been amazing… >>> More
ssh-agent on ubuntu rapidly restarts

as seen on Super User - Search for 'Super User'
I am attempting to use ssh-agent on Ubuntu 13.10 so that I will not have to enter my passphrase to unlock a key every time I want to use ssh or git. As you can see below, ssh-agent appears to be restarting for some reason. These commends were executed within a period of less than 5 seconds: andrew@zaphod:~$… >>> More