A knowledge bank of tedious tasks for the good of humanity (and my own future reference).
# 1. Setup
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
echo "You can now use ssh -A user@hostname"
# 2. Log into remote host:
ssh -A [user]@[hostname]
Our goal is to do SSH Agent Forwarding. i.e. We want to be able to use our local ssh keys when I am on remote. e.g. to push and pull from Github whilst on remote.
a. Test Github works n.b. You could use a different host.
ssh -T git@github.com
# Result
# Enter passphrase for key '/Users/thomasjohnson/.ssh/id_rsa':
# Hi thomas-dsl-johnson! You've successfully authenticated, but GitHub does not provide shell access.b. Edit .ssh/config (You may need to create ~/.ssh/config)
Host *
ForwardAgent yes
# This is bad practice, but we will fix it later
c. Run ssh-agent
ssh-agentd. Take the output from that command and paste it into the terminal. This will set the environment variables that need to be set for agent forwarding to work.
e. Add the key you want forwarded to the ssh agent:
ssh-add
# May need: ssh-add [path to key if there is one]/[key_name].pem
f. Set up is done. We should check it works. To test that agent forwarding is working with your server, you can SSH into your server and run once more. If all is well, you'll get back the same prompt as you did locally.
# Check it works
ssh -T git@github.com
# n.b. From here, if you log into any other host that accepts that key, it will just work:
ssh [user]@[hostname]g. Fix our bad practice
Host [host address]
ForwardAgent yes
n.b. Troubleshoot
# Inside remote:
echo "$SSH_AUTH_SOCK"
# If the variable is not set, it means that agent forwarding is not workingn.b. If you are using SSH Agent Forwarding for a git repo, make sure you switch your remote's URL from HTTPS to SSH. Otherwise you will receive a password/token authentication issue.
git remote set-url origin git@github.com:thomas-dsl-johnson/<repo-name>.gitOur goal is to add a git submodule to repository.
git submodule add git@github.com:thomas-dsl-johnson/<repo-name>.git