Hi,
I am confused (not that abnormal for me), I just configured a new server instance of Cnetos 8 to replace existing Centos 6.10 host via a migration.
On the old host I could ssh into the system and then issue sudo -I and be authenticated as root without needing to supply a password.
I cannot get the same to work on the Centos 8 system.
Ive tried ssh-add -A etc but when I am logged into new system and enter ssh-add -l no identities are found.
Ive put identies in ~/.ssh/config - no use.
Can any pit me out of my misery with a simple example of what Ishould be doing? am I missing something?
Thanks and regards
Paul
SSH forwarding
Re: SSH forwarding
Looks like two issues.
The ssh agent forwarding makes the ssh connection forward queries made to ssh-agent in the remote host into agent in the local host.
You would enable forwarding with option -A (ForwardAgent yes) of ssh.
You naturally have to have ssh-agent running in the local host and keys loaded to that agent.
The sudo is separate. It is possible to configure sudo to not require password. That is obviously risky.
With package pam_ssh_agent_auth and some config the sudo queries ssh-agent. That has the risks of agent forwarding.
The ssh agent forwarding makes the ssh connection forward queries made to ssh-agent in the remote host into agent in the local host.
You would enable forwarding with option -A (ForwardAgent yes) of ssh.
You naturally have to have ssh-agent running in the local host and keys loaded to that agent.
The sudo is separate. It is possible to configure sudo to not require password. That is obviously risky.
With package pam_ssh_agent_auth and some config the sudo queries ssh-agent. That has the risks of agent forwarding.
Re: SSH forwarding
Out of the fireplace, into the fire...I just configured a new server instance of Cnetos 8 to replace existing Centos 6.10 host via a migration.
CentOS Linux 8 will go EOL on 31 Dec, 2021 -- in 33 weeks, 4 days
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke