rainer at ultra-secure.de
2017-Mar-14 09:23 UTC
[CentOS] Problem getting ssh agent forwarding to work
Hi, I need to get agent-forwarding working. I have: - a local OpenSUSE 42.1 box, where my key(s) reside (ssh agent running and working) - a remote FreeBSD 10.3 box, where I can login with my key (works) - from the FreeBSD box, I need to get to a CentOS 7 box (without entering a password - does not work) On the FreeBSD box, I can see my keys, when I type ssh-add -l I've enabled ssh agent forwarding locally and on the FreeBSD server (in sshd and ssh config). I've enabled ssh agent forwarding on the CentOS server [root at centos7-server ~]# grep Agent /etc/ssh/sshd_config AllowAgentForwarding yes My public key resides in the authorized_key file on the CentOS server. Still, I get a password-prompt. (I've disabled SELinux). I admit I never use agent-forwarding (I just don't need it). I set a password on the account and when I enter that password, I can login. So, it shouldn't a problem with the account per-se.
Ralph Angenendt
2017-Mar-14 09:44 UTC
[CentOS] Problem getting ssh agent forwarding to work
You might want to take a look at /var/log/secure on the machine you're logging into, that might have more information on why the key wasn't accepted. Ralph <rainer at ultra-secure.de> schrieb am Di., 14. M?rz 2017 um 10:23 Uhr:> Hi, > > I need to get agent-forwarding working. > > > I have: > - a local OpenSUSE 42.1 box, where my key(s) reside (ssh agent running > and working) > - a remote FreeBSD 10.3 box, where I can login with my key (works) > - from the FreeBSD box, I need to get to a CentOS 7 box (without > entering a password - does not work) > > > On the FreeBSD box, I can see my keys, when I type ssh-add -l > > I've enabled ssh agent forwarding locally and on the FreeBSD server (in > sshd and ssh config). > I've enabled ssh agent forwarding on the CentOS server > > [root at centos7-server ~]# grep Agent /etc/ssh/sshd_config > AllowAgentForwarding yes > > My public key resides in the authorized_key file on the CentOS server. > > > Still, I get a password-prompt. > > (I've disabled SELinux). > > I admit I never use agent-forwarding (I just don't need it). > > I set a password on the account and when I enter that password, I can > login. So, it shouldn't a problem with the account per-se. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >
rainer at ultra-secure.de
2017-Mar-14 09:49 UTC
[CentOS] Problem getting ssh agent forwarding to work
Am 2017-03-14 10:44, schrieb Ralph Angenendt:> You might want to take a look at /var/log/secure on the machine you're > logging into, that might have more information on why the key wasn't > accepted. >D'uh. I had made a typo. The authorized_keys file wasn't exactly named like it should have been. LogLevel DEBUG revealed that... I feel silly....