ssh config - 将选定的密钥发送给代理

ssh config - send selected keys to agent

我正在编写我的 ssh config 文件并希望发送带有选定密钥的代理。没有密钥会离开我的本地机器,发送的代理可能只有必要的密钥。所有密钥都需要密码。我不想按顺序多次输入密码,例如访问 server 时,但不介意每当我访问一台机器时再次输入它。下面显示了我想如何连接到不同的服务器:

local [--> git (git key)]
local --> frontend (compute key)
local --> frontend (compute key) --> server (compute key)
local --> frontend (compute key) [--> git] (git key)
local --> otherserver (passwort & app)
local --> otherserver (passwort & app) [--> git] (git key)
local --> somwherelse (else key)

我的本地 ssh config:

Host server
 HostName server.compute.net
 User user1
 AddKeysToAgent yes
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_ed25519_compute
 IdentityFile ~/.ssh/id_ed25519_git
 ProxyJump frontend

Host frontend
 HostName frontend.compute.net
 User user1
 AddKeysToAgent yes
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_ed25519_compute
 IdentityFile ~/.ssh/id_ed25519_git

Host otherserver
 Hostname otherserver.com
 User user2
 AddKeysToAgent yes
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_ed25519_git

Host somwhereelse
 Hostname somewhereelse.com
 User user3
 AddKeysToAgent yes
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_ed25519_else

Host git
 Hostname git.url.com
 IdentitiesOnly yes
 IdentityFile ~/.ssh/id_ed25519_git

但是当我在 frontend 上尝试 git pull 时,我得到:

git@git.url.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

在本地,git 访问有效。在登录 frontend 之前,我确定代理是 运行。我做错了什么?

为了让其中一台远程主机上的 ssh 使用存储在 local 上的 ssh-agent 运行 中的密钥,您必须启用代理转发,通过在命令行上使用 -A 选项或将 ForwardAgent yes 添加到远程主机的配置中。