Date: Fri, 08 Jan 2010 12:02:43 -0500 From: Carmel <carmel_ny@hotmail.com> To: User questions <freebsd-questions@freebsd.org> Subject: Re: Accessing Computer Message-ID: <BLU0-SMTP5E45337F9086F2294FCFD93700@phx.gbl> In-Reply-To: <4B4759AE.3070803@infracaninophile.co.uk> References: <BLU0-SMTP61F6897280D4F6B765667493700@phx.gbl> <4B4759AE.3070803@infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 08 Jan 2010 16:13:34 +0000 Matthew Seaman <m.seaman@infracaninophile.co.uk> articulated: > You just put the public key from Computer 1 in ~/.ssh/authorized_keys on > both the machines (Computer 2, Computer 3) where you want access. You'll > have to use 'ssh-keygen -i -f filename' to convert the pubkey from the SSH2 > format Putty uses to the OpenSSH format FreeBSD uses, and you need to be > careful to make the authorized_keys file writable only by the account UID. You > can prepend the line in the authorized_keys files with from="hostname" to only > permit access from a specific host if you like. See the section > 'AUTHORIZED_KEYS FILE FORMAT' in sshd(8) for details. You don't need to > install any private keys on Computer 2 or Computer 3. > > Then when you load the key into the agent, be sure and check the 'Forward > the Agent' tickbox. Similarly, when you connect from computer 2 to computer > 3 just add '-A' to the ssh command line, as in: 'ssh -A computer3' -- this > achieves the same agent forwarding under OpenSSH. Computer 3 will ask > computer 2 for authentication, and computer 2 will relay this request back to > computer 1 where there is access to your private key. You can hop through a > large number of machines this way, and so long as you keep forwarding the agent > it should all work. Thank you very much. I had no idea that was possible. -- Carmel carmel_ny@hotmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BLU0-SMTP5E45337F9086F2294FCFD93700>