SSH jump host without agent forwarding

Time: 2017-01-19 17:53:08

Tags: authentication ssh server openssh agent

Although this is a simple question, I have been searching for days without success.

M = My machine 
J = Jump Host
S = Server

Jump Host has my public key on authorized_keys.
Server has J's public key on authorized_keys.

Allowed connections (due to key authentication):
M -> J
J -> S

How can I get into S from my machine?

My current configuration is:

host jump
  user root
  HostName x.x.x.x

host server
  user root
  HostName x.x.x.x
  port 22
  ForwardAgent no
  ProxyCommand ssh jump -W %h:%p

It does not work, as it tries to log in using M's key.

Here is the ssh log:

debug1: Host 'x.x.x.x' is known and matches the ECDSA host key.
debug1: Found key in /Users/xxxxx/.ssh/known_hosts:1542
...
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/xxxxx/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/xxxxx/.ssh/id_dsa
debug1: Trying private key: /Users/xxxxx/.ssh/id_ecdsa
debug1: Trying private key: /Users/xxxxx/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
Killed by signal 1.

1 answer:

Answer 0 (score: 4)

Yes. Of course it tries to log in with M's key. You are not really connecting from J to S.

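The first ssh connection is from M to J. This one just sets up some forwarding. The second ssh connection goes directly from M to S, using the forwarding set up by the first ssh. There is no chance to use the key on J.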

You can use ssh -A jump ssh-add to add J's key to your agent. Then your setup should work fine.

Another idea might be ssh -t jump ssh server. That way you log in to J and log in to S from there, just as you expect.
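
The answer's second suggestion (ssh -t jump ssh server) written as an ssh_config entry next to the question's ProxyCommand stanza. This is an added example, not part of the original answer; the alias name server-via-jump is hypothetical, the x.x.x.x addresses are the placeholders used in the question, and RemoteCommand assumes OpenSSH 7.6 or later on M.

```sshconfig
# ~/.ssh/config on M

Host jump
  User root
  HostName x.x.x.x            # J's address (elided in the question)

# Stanza from the question: -W only forwards a TCP stream through J.
# The SSH handshake with S is performed by the client on M, so only
# keys held on M (or in M's agent) are ever offered to S.
Host server
  User root
  HostName x.x.x.x            # S's address (elided in the question)
  Port 22
  ForwardAgent no
  ProxyCommand ssh jump -W %h:%p

# Equivalent of "ssh -t jump ssh server": M authenticates to J with
# M's key, then the ssh client on J authenticates to S with J's key.
# J's private key never leaves J and no agent is forwarded.
Host server-via-jump
  User root
  HostName x.x.x.x            # J's address: this connection ends at J
  ForwardAgent no
  RequestTTY yes              # same effect as -t
  RemoteCommand ssh root@x.x.x.x   # S's address as reachable from J
```

Running ssh server-via-jump then gives an interactive shell on S; because the session terminates on J, the host key check for S happens against J's known_hosts, not M's.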