0

我正在写我的ssh config文件,并想用选定的密钥发送代理。没有密钥可以离开我的本地机器,并且发送的代理可能只有必要的密钥。所有密钥都需要密码。我不想按顺序多次输入密码,例如访问时server,但不介意每次访问机器时再次输入密码。下面显示了我想如何连接到不同的服务器:

local [--> git (git key)]
local --> frontend (compute key)
local --> frontend (compute key) --> server (compute key)
local --> frontend (compute key) [--> git] (git key)
local --> otherserver (passwort & app)
local --> otherserver (passwort & app) [--> git] (git key)
local --> somwherelse (else key)

我的本地ssh config

Host server
 HostName server.compute.net
 User user1
 AddKeysToAgent yes
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_ed25519_compute
 IdentityFile ~/.ssh/id_ed25519_git
 ProxyJump frontend

Host frontend
 HostName frontend.compute.net
 User user1
 AddKeysToAgent yes
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_ed25519_compute
 IdentityFile ~/.ssh/id_ed25519_git

Host otherserver
 Hostname otherserver.com
 User user2
 AddKeysToAgent yes
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_ed25519_git

Host somwhereelse
 Hostname somewhereelse.com
 User user3
 AddKeysToAgent yes
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_ed25519_else

Host git
 Hostname git.url.com
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_ed25519_git

但是当我试穿git pullfrontend,我得到:

git@git.url.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

在本地,git 访问有效。在登录之前,我确保代理正在运行frontend。我做错了什么?

4

1 回答 1

0

为了ssh在其中一台远程主机上使用存储在ssh-agentrunning on中的密钥local,您必须启用代理转发,方法是使用-A命令行上的选项或添加ForwardAgent yes到远程主机的配置中。

于 2020-06-03T22:45:26.540 回答