LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-18-2014, 07:12 PM   #1
Tachtory
Member
 
Registered: Dec 2011
Distribution: Mint, Slackware
Posts: 43

Rep: Reputation: Disabled
'Double log-in' with SSH keys?


I recently configured my computers to not allow password login and only allow publickey access.

Prior to this using passwords I was able, on my home network, to:
  • Using computer 1, ssh into computer 2
  • While logged into computer 2, ssh into computer 3

When I try this now, I get

Code:
Permission denied (publickey,keyboard-interactive)
I tried copying the private-key of computer 1 to computer 2's .ssh directory but it didn't seem to make a difference.
 
Old 06-18-2014, 08:21 PM   #2
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288
Hi,

the private key should only on computer 1, but you need to enable authentication forwarding when you ssh to computer 2. This can be done using the -A option. If this does not work you should check the output logged by sshd on computer 3. On Debian and derived systems this is usually /var/log/auth.log and on RHEL /var/log/secure. You should also run ssh with -vvv for extra verbose output.

Evo2.
 
Old 06-18-2014, 09:18 PM   #3
Tachtory
Member
 
Registered: Dec 2011
Distribution: Mint, Slackware
Posts: 43

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by evo2 View Post
the private key should only on computer 1, but you need to enable authentication forwarding when you ssh to computer 2. This can be done using the -A option.
That worked. Thanks!
 
Old 06-18-2014, 09:32 PM   #4
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288
Hi,
Quote:
Originally Posted by Tachtory View Post
That worked. Thanks!
Great.

Assuming that you are doing this because you can't ssh from computer 1 directly to computer 3, you might find the following thread interesting.

http://www.linuxquestions.org/questi...nd-4175506340/

You'll want to add
Code:
ForwardAgent yes
to the section corresponding to your computer 2.

In that post serverA, serverB and serverC map directly to your "computer 1", "computer 2" and "computer 3".

HTH,

Evo2.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how to log ssh activity in /var/log/ssh/ssh*.log MrUmunhum Linux - Server 3 11-02-2011 03:25 AM
SSH host keys are not being read correctly from .ssh/known_hosts. bartonski Linux - Software 3 10-29-2009 05:40 PM
SSH host keys VS SSH keys kenneho Linux - Security 3 09-11-2008 07:03 AM
keyboard issue - have to double press some keys whysyn Linux - Hardware 9 10-31-2005 09:25 AM
Configuring SSH to accept only keys (already have keys) fr0st Linux - Security 3 11-04-2003 04:31 AM


All times are GMT -5. The time now is 05:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration