Certified Security - Specialty

Sign Up Free or Log In to participate!

SSH Agent for connecting b/w servers

Hello Ryan, I have seen on more than one video that you copy your private ssh key when demonstrating SSH between a public instance and a private instance.  You say, "I’m going to load the private key"  and "you should never ever do that".  Why don’t you use an ssh agent.  It’s as simple as "ssh-add -K SOME_PRIVATE_KEY"

Ian Williams

The SSH agent wouldn’t automatically work if you’re using a jump-host to connect to a private server. You’d need to enable agent forwarding on the client for it to create/listen to SSH sockets on the jump host. That being said, it’d work fine.

1 Answers

Thats right Daren…SSH forwarding is the recommended way of not storing the private keys on the bastion host but Ryan is warning here though.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?