Page History

...

For people who ssh into one computer such as xbio, and from there to another computer such as lilac or luna, authentication forwarding enables the intermediary computer (xbio) to connect back to ssh-agent on the original client (Mac or PC) for authentication to the remote server (lilac). For example I ssh from teriyaki to xbio, and then from xbio to lilac. Even though I don’t keep my private key on lilac, teriyaki can authenticate my connection to lilac through xbio so I don’t need a copy of my private key on luna.

For Mac: To enable authentication forwarding, use “ForwardAgent yes” in ~First add your private key passphrase to the Apple Keychain with "ssh-add -K ~/.ssh/id_rsa". Then enable authentication forwarding to xbio add the following to ~/.ssh/config on your workstation, or use “ssh A“. Add your private key passphrase to the Apple Keychain with config on your Mac:

Host xbio.mskcc.org

  Port 2222

  ForwardAgent yes

Or use “ssh -A xbio" each time. 

For Windows: Please see the Windows section below.Additional keys can be loaded on intermediate machines, which has useful implications for working at another machine if you have sshaccess to your workstationabove.

Additional Information

Read the manual pages on your workstation or a server: man ssh. If you have any issues, please contact hpc-request@cbio.mskcc.org

...