similar to: Problem getting ssh agent forwarding to work

Displaying 20 results from an estimated 30000 matches similar to: "Problem getting ssh agent forwarding to work"

2017 Mar 14
0
Problem getting ssh agent forwarding to work
You might want to take a look at /var/log/secure on the machine you're logging into, that might have more information on why the key wasn't accepted. Ralph <rainer at ultra-secure.de> schrieb am Di., 14. M?rz 2017 um 10:23 Uhr: > Hi, > > I need to get agent-forwarding working. > > > I have: > - a local OpenSUSE 42.1 box, where my key(s) reside (ssh agent
2015 Nov 25
6
How disable forwarding-only connections (i.e. non-shell/command non-sftp connections)? (Maybe this is a feature request!)
Hi! I tried with all available options to disable forwarding-only connections, by: "AllowAgentForwarding no AllowTcpForwarding no" This had no effect, so what I got in effect was dummy connections. I would like to disable this "class" of connections altogether. The outcome will be that all authenticated connections will lead to a command, be it /usr/libexec/sftp-server
2009 Mar 24
2
global no-agent-forwarding
Hi, I can disable agent-forwarding for any given key by prefixing it with "no-agent-forwarding", but it seems there's no global sshd_config setting for this (ie no "AgentForwarding [yes|no]"). Is this on purpose? If so, what's the rationale? -Jan -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type:
2023 Nov 12
1
Match Principal enhancement
Hi OpenSSH devs, I?m wondering if the following has any merit and can be done securely ... If you could match on principals in the sshd_config, then (for example) on a gateway machine, you could have something like /etc/ssh/authorized_keys/sshfwd: cert-authority,principals=?batcha-fwd,batchb-fwd? ... /etc/ssh/sshd_config containing: Match User sshfwd PubkeyAuthentication yes
2023 Nov 12
1
Match Principal enhancement
AFAIK everything you described here could be done using the AuthorizedKeysCommand or AuthorizedPrincipalsCommand directives. These can emit authorized_keys options (inc. permitopen) as well as the allowed keys/principals. On Sun, 12 Nov 2023, Bret Giddings wrote: > Hi OpenSSH devs, > > I?m wondering if the following has any merit and can be done securely ... > > If you could
2004 May 12
3
Oddness with agent forwarding and -i
Hey everyone, I hope this isn't an old issue; I wasn't able to locate it in the archives. I have a number of scripts which make use of ssh -i and scp -i, where the target host has the specified key in its authorized_keys file with a command= override to do immediate processing of the received data. This works extremely well, as we are able to establish single-function, triggered-action
2001 Aug 27
1
Troubleshooting ssh-agent forwarding w/ v2 protocols
OK. I've had a few replies to my earlier question about auth agent forwarding that indicate that it is currently supported. So now I'm confused as to why it is not working for me. I'm trying to chain between servers. With v1 I could load my key into the ssh-agent on my workstation (a) and ssh to server b and ssh from there to server c, all without typing a passphrase/password. Now
2018 Jul 12
2
SSH Agent Forwarding Not Working
Hi, I know this might be the most asked question, so I've done anything possible to troubleshoot the problem myself, but still, my SSH Agent Forwarding is not working for me. The best troubleshooting guide that I found, and also the one I've been using, is the ssh forwarding guide on github - https://help.github.com/articles/using-ssh-agent-forwarding I've checked all things there,
2009 Oct 30
3
need help in generating ssh authorize keys
hi all, I need to generate ssh authorize keys for a list of users hosted on different servers.the users are active and each one has its public key (id_rsa.pub) hosted in 1 server. now what i need to do is to generate the authorize keys from each of their public key. the key is easily generating if public key hosted on the Node but my problem is that all public keys are hosted in 1 machine with a
2007 Aug 21
1
ssh-agent security
ssh-agent is a great tool that is often misconfigured with respect to agent forwarding. How many people running ssh-agent and doing a ssh -A have the very same public keys in ~/.ssh/authorized_keys of the machine they are coming from? ssh(1) is very clear in its warning about enabling agent forwarding. The simple act of prompting the user before using the key would enable them to determine
2015 Nov 26
2
How disable forwarding-only connections (i.e. non-shell/command non-sftp connections)? (Maybe this is a feature request!)
Hi Peter, What I am looking for is an SSHD configuration where every successfully authenticated connection also guaranteedly will lead to a ForcedCommand invocation. Currently I understand this to be the case only for the connections that open channel to deliver a terminal, command or SFTP (I don't know if you have a collective name for such non-forwarding channels). Is this possible?
2013 Apr 02
1
RFC: More explicit ssh agent forwarding on SSH_ASKPASS confirmation
This is an old idea I had, resurrected by the mention of changing the agent protocol in "ssh-agent allowing access to other users?" thread. Currently, when you forward the ssh-agent, the forwarded host has the same rights as the local user. And when the key requires confirmation, the is quite terse: "Allow use of key foobar? Key fingerprint abcdf." It would be desirable to
2016 Oct 04
8
[Bug 2621] New: ControlMaster started by scp (non-ssh?) doesn't forward agent
https://bugzilla.mindrot.org/show_bug.cgi?id=2621 Bug ID: 2621 Summary: ControlMaster started by scp (non-ssh?) doesn't forward agent Product: Portable OpenSSH Version: 7.3p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: Miscellaneous
2003 Sep 12
1
Agent Forwarding Anomalies on OpenBSD 3.3/OpenSSH 3.6.1
I have a curious situation with four OpenBSD 3.3 hosts. Each of these has public/private keys on each other for inter-host authentication using RSA2 keys. For instance, they're called hostA-to-hostBCD, hostB-to-hostACD, hostC-to-hostABD, and hostD-to-hostABC. The sshd_config files, on each host, look as follows... #; #; /etc/ssh/sshd_config #; Port 22 Protocol 2 ListenAddress
2016 Mar 11
2
OpenSSH Security Advisory: xauth command injection
Nico Kadel-Garcia <nkadel at gmail.com> writes: > I'm just trying to figure out under what normal circumstances a > connection with X11 forwarding enabled wouldn't be owned by a user who > already has normal system privileges for ssh, sftp, and scp access. Some OS distributions (FreeBSD, RHEL / CentOS, probably Fedora) have X11Forwarding enabled by default. DES --
2008 Jul 06
11
OpenSSH 5.1: call for testing
Hi, OpenSSH 5.1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release is one of the biggest in recent years, with two hackathons' worth of improvements and fixes for some of our most recalcitrant bugs. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is
2001 Aug 27
2
agent forwarding with v2
I'm confused about the status of auth agent forwarding while using v2 protocols. I found an old newsgroup post that said it was not available but an entry in the ChangeLog entry dated 20001113 seems to indicate that it was added. So. Does agent forwarding work while using v2 protocols? I've been unable to get it to work since I switched to using v2. Thanks, Ben -- Ben Beuchler
2000 Sep 22
2
Agent forwarding with DSA keys?
Does agent forwarding work with DSA keys? I'm using 2.2.0p1 on RedHat Linux 6.2 (Alpha) and Solaris 2.6 (SPARC). If I ssh-add my RSA key into the local agent and ssh to another machine, the agent connection is forwarded properly. (I can say "ssh-add -l" and see my keys.) If I ssh-add my DSA key into the local agent and "ssh -2" to another machine, the agent connection
2016 Sep 09
2
fyi: agent forwarding fails (with enabled ControlMaster) after time shift on client
Hello. Yes, i think that was the cause why agent forwarding wasn't performed at all, i had to rm(1) the control socket and the next ssh(1) connection forwarded the agent normally again. (It was a huge timeshift by several hours.) I.e., just in case this is something you didn't have on your radar yet. Ciao. --steffen
2002 Aug 13
2
Agent Forwarding on Solaris, 3.4p1
Has anyone used Agent Forwarding in 3.4p1? We can't seem to get it working under Solaris 2.6 or 8 (Sparc).