This is regarding SSH on MAC OSx 10.6. I have a WIN and a MAC box as SSH clients. I am required to login to a SSH enabled server LINUX1 from both these MAC and WIN boxes. Now I have another LINUXJump box which can be used as an intermediate jump box to ssh to LINUX1 from either MAC or WIN hosts. I have no issues logging in using ssh from WIN and MAC directly to LINUX1 host…but when I use the LINUXJump box as an intermediate host to ssh to LINUX1…I have a problem. From WIN box (using Putty with pagent), everything is fine…I am able to login to LINUX1 after getting onto the LINUXJump host. From MAC box, although I am able to ssh to LINUXJump host…but when I want to ssh to LINUX1 from LINUXJump host…I am getting an error indicating “permission denied (public key)". I am getting similar error when I am stopping the pagent on WIN machine and trying to ssh from WIN to LINUXJump and then to LINUX1. I observed that when pagent is not running both the MAC and WIN have the same issue. Doesnt make sense as I can directly ssh to LINUX1 from both MAC and WIN hosts.
I ran the ssh login using verbose to see whats going on when pagent is not running…the difference is that on WIN when pagent is not running and on MAC all the time…once the authentication method is determined as keyboard interactive and public key…WIN machines offers public key…whereas MAC and WIN without pagent running will skip and look for pvt key id_rsa instead which is not available on the intermediate host LINUXJump and fails. I do not understand whats going on here. I read in some forums that we can use keychain to save the pvt key password and it will pass on the password to next sessions. Tried that but didnt work.
Please let me know if you need more info. Thanks.
I wouldn’t call this “amazing” necessarily…more like one of the annoying things about OSX that makes some users wish they were just on a regular Linux box.
The notion of a keychain itself is extraneous if you already have a .ssh directory for each user. Linux loads all keys from that directory “automagically” by default in its ssh client, no need to even run ssh-add.
You saved me a lot of nerve!
Form is loading...