Say you create an SSH key on host 1 and send the public part to host 2 so you can log in from host 1 to host 2 without a password. If you then want to log in from host 1 to a new host, say host 3, what do you do?
Do you create a new key on host one and send that to host 3? Or will that mess up the relationship between host 1 and host 2? Or do you send the same public key to host 3?
I can't find a tutorial that explains what is going on simply enough for my brain to understand.
Thanks
Answer
If you then want to login from host 1 to a new host say host 3, what do you do?
If you want to:
- establish a new SSH session from host 1 to host 3, you should add the public key of the user on host 1* to the authorized_keys file on host 3. Technically, it doesn’t matter if it’s the same key-pair as for host 2, or a different one.
- connect from host 1 to host 2 and from within that session to connect to host 3, you need to add the public key of the user on host 1 (the same one which you use to connect to host 2) to the authorized_keys file on host 3 and enable SSH agent forwarding in SSH daemon on host 2 and add an option to use SSH agent forwarding when establishing a session from host 1 to host 2.
* Strictly speaking “the public key of host 1” means the public key of the key-pair that host 1 will use when connecting to the target. It can be the one in the default location ~/.ssh/id_rsa or explicitly specified with -i when establishing a session, or specified in the configuration file.
Attribution
Source: Link, Question Author: Nigel Alderton, Answer Author: techraf
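What "add the public key to the authorized_keys file on host 3" amounts to on disk, as an added example that is not part of the original question or answer. The directories under `$demo` stand in for the remote `~/.ssh` of host 2 and host 3, `PUB` is a constructed placeholder rather than a real key, and the function names are hypothetical; on real hosts `ssh-copy-id` performs the same append over the network.

```shell
#!/bin/sh
# authorizes FILE BLOB: succeed if some line in FILE carries this base64 key blob.
# Matching on the blob ignores the trailing comment and any leading options.
authorizes() {
    [ -f "$1" ] && awk -v blob="$2" '
        { for (i = 1; i <= NF; i++) if ($i == blob) found = 1 }
        END { exit !found }' "$1"
}

# install_pubkey "TYPE BLOB [COMMENT]" SSH_DIR: append the key unless it is
# already present, with permissions that satisfy sshd's StrictModes check.
install_pubkey() {
    key_line=$1
    ssh_dir=$2
    blob=$(printf '%s\n' "$key_line" | awk '{ print $2 }')
    [ -n "$blob" ] || return 1
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    auth="$ssh_dir/authorized_keys"
    if ! authorizes "$auth" "$blob"; then
        printf '%s\n' "$key_line" >> "$auth" || return 1
    fi
    chmod 600 "$auth"
}

# Constructed placeholder, not a real key.
PUB='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEONLYNOTAREALKEY0000000000000000 user@host1'

demo=$(mktemp -d)
install_pubkey "$PUB" "$demo/host2/.ssh"   # the existing host 1 -> host 2 trust
before=$(cksum < "$demo/host2/.ssh/authorized_keys")
install_pubkey "$PUB" "$demo/host3/.ssh"   # same public key, new host
install_pubkey "$PUB" "$demo/host3/.ssh"   # repeating it adds no duplicate
after=$(cksum < "$demo/host2/.ssh/authorized_keys")
[ "$before" = "$after" ] && echo "host 2 authorized_keys unchanged"
echo "host 3 entries: $(wc -l < "$demo/host3/.ssh/authorized_keys")"
rm -rf "$demo"
```

The private key never leaves host 1 in either case; only the public line is copied, which is why adding it to host 3 cannot disturb the entry on host 2.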