我正在写我的ssh config文件,并希望发送具有选定键的座席。没有密钥要离开我的本地计算机,并且发送的代理可能仅具有必要的密钥。所有密钥都需要密码。我不想按顺序多次输入密码,例如访问server时,但无论何时访问机器,都不必介意再次输入。下面显示了我要如何连接到不同的服务器:
local [--> git (git key)]
local --> frontend (compute key)
local --> frontend (compute key) --> server (compute key)
local --> frontend (compute key) [--> git] (git key)
local --> otherserver (passwort & app)
local --> otherserver (passwort & app) [--> git] (git key)
local --> somwherelse (else key)
我的本地ssh config:
Host server
HostName server.compute.net
User user1
AddKeysToAgent yes
IdentitiesOnly yes
IdentityFile ~/.ssh/id_ed25519_compute
IdentityFile ~/.ssh/id_ed25519_git
ProxyJump frontend
Host frontend
HostName frontend.compute.net
User user1
AddKeysToAgent yes
IdentitiesOnly yes
IdentityFile ~/.ssh/id_ed25519_compute
IdentityFile ~/.ssh/id_ed25519_git
Host otherserver
Hostname otherserver.com
User user2
AddKeysToAgent yes
IdentitiesOnly yes
IdentityFile ~/.ssh/id_ed25519_git
Host somwhereelse
Hostname somewhereelse.com
User user3
AddKeysToAgent yes
IdentitiesOnly yes
IdentityFile ~/.ssh/id_ed25519_else
Host git
Hostname git.url.com
IdentitiesOnly yes
IdentityFile ~/.ssh/id_ed25519_git
但是当我在git pull上尝试frontend时,我得到:
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
[在本地,git访问有效。在登录到frontend之前,我确保代理正在运行。我做错了什么?
为了使其中一台远程主机上的ssh使用存储在ssh-agent上运行的local中的密钥,必须通过使用命令行上的-A选项或通过添加代理来启用代理转发ForwardAgent yes到远程主机的配置。