From owner-freebsd-questions@FreeBSD.ORG Fri Jan 8 17:02:45 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C939D1065676 for ; Fri, 8 Jan 2010 17:02:45 +0000 (UTC) (envelope-from carmel_ny@hotmail.com) Received: from blu0-omc4-s5.blu0.hotmail.com (blu0-omc4-s5.blu0.hotmail.com [65.55.111.144]) by mx1.freebsd.org (Postfix) with ESMTP id 898498FC08 for ; Fri, 8 Jan 2010 17:02:45 +0000 (UTC) Received: from BLU0-SMTP5 ([65.55.111.135]) by blu0-omc4-s5.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 8 Jan 2010 09:02:44 -0800 X-Originating-IP: [67.189.160.65] X-Originating-Email: [carmel_ny@hotmail.com] Message-ID: Received: from seibercom.net ([67.189.160.65]) by BLU0-SMTP5.blu0.hotmail.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959); Fri, 8 Jan 2010 09:02:43 -0800 Date: Fri, 08 Jan 2010 12:02:43 -0500 From: Carmel To: User questions Organization: seibercom.net In-Reply-To: <4B4759AE.3070803@infracaninophile.co.uk> References: <4B4759AE.3070803@infracaninophile.co.uk> X-Face: %w26Xx*^+moP{$gQJ3pY@y!8g&-n%/zKp; aE#\*zy9L1X$QU7)|K"# QM:ob~"(eWt{P?#Ec; |v]#G"{{WZF-rt\4n1IS3I[w>Z MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Becky! ver. 2.52.03 [en] X-OriginalArrivalTime: 08 Jan 2010 17:02:43.0985 (UTC) FILETIME=[651B4810:01CA9084] Subject: Re: Accessing Computer X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: User questions List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jan 2010 17:02:45 -0000 On Fri, 08 Jan 2010 16:13:34 +0000 Matthew Seaman articulated: > You just put the public key from Computer 1 in ~/.ssh/authorized_keys on > both the machines (Computer 2, Computer 3) where you want access. You'll > have to use 'ssh-keygen -i -f filename' to convert the pubkey from the SSH2 > format Putty uses to the OpenSSH format FreeBSD uses, and you need to be > careful to make the authorized_keys file writable only by the account UID. You > can prepend the line in the authorized_keys files with from="hostname" to only > permit access from a specific host if you like. See the section > 'AUTHORIZED_KEYS FILE FORMAT' in sshd(8) for details. You don't need to > install any private keys on Computer 2 or Computer 3. > > Then when you load the key into the agent, be sure and check the 'Forward > the Agent' tickbox. Similarly, when you connect from computer 2 to computer > 3 just add '-A' to the ssh command line, as in: 'ssh -A computer3' -- this > achieves the same agent forwarding under OpenSSH. Computer 3 will ask > computer 2 for authentication, and computer 2 will relay this request back to > computer 1 where there is access to your private key. You can hop through a > large number of machines this way, and so long as you keep forwarding the agent > it should all work. Thank you very much. I had no idea that was possible. -- Carmel carmel_ny@hotmail.com