SSH agent forwarding


It is common to use SSH keys for deployments on a server. But most of the time you have to set up a new SSH key for each server, and these keys don’t have a passphrase on the private key, to make deployments easy.

Maintaining SSH keys for servers takes time, and storing these keys on the server side can be a security problem.

Using ssh agent forwarding, you can solve all the problems above. It allows you to use your local SSH keys instead of keys on your server.

This is provided by ssh-agent, which runs in the background and keeps your key loaded in memory, so that you don’t need to enter your passphrase every time you use the key. Another feature is that you can choose to let servers access your local ssh-agent as if it were already running on the server.

Example: Assume that user john wants to deploy on remote-server with his local SSH keys. To do this, first add the local SSH keys to the local ssh-agent:

$ ssh-add

After that, pass the -A command-line option when connecting to remote-server:

$ ssh -A john@remote-server

Now you can make deployments on the server with your local keys.
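
The two steps above wrapped in preflight checks, as an added example that is not part of the original post: it confirms the local agent is reachable and holds a key, then confirms the server actually received the forwarded agent. The names agent_state, deploy_connect, SSH_ADD and SSH_BIN are hypothetical; the logic relies on the exit status of ssh-add -l (0 keys loaded, 1 no identities, 2 no agent reachable).

```shell
#!/bin/sh
# Added example, not from the original post.
# SSH_ADD / SSH_BIN are hypothetical overrides so the logic can be exercised offline.
SSH_ADD=${SSH_ADD:-ssh-add}
SSH_BIN=${SSH_BIN:-ssh}

# Classify the local agent from the exit status of `ssh-add -l`:
# 0 = keys loaded, 1 = agent running but empty, 2 = agent not reachable.
agent_state() {
    rc=0
    "$SSH_ADD" -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo loaded ;;
        1) echo empty ;;
        *) echo no-agent ;;
    esac
}

# deploy_connect user@host [lifetime-seconds]
# Returns 0 when forwarding works, 1 if the key could not be added,
# 2 if no agent is reachable, 3 if the server did not get the forwarded agent.
deploy_connect() {
    target=$1
    lifetime=${2:-3600}
    case $(agent_state) in
        no-agent)
            echo "no ssh-agent reachable; start one with: eval \"\$(ssh-agent -s)\"" >&2
            return 2 ;;
        empty)
            # -t drops the key from the agent after the lifetime expires. While
            # forwarding is active, privileged users on the server can ask the
            # agent to sign, so keep the key loaded only as long as needed.
            "$SSH_ADD" -t "$lifetime" || return 1 ;;
    esac
    # On the server, SSH_AUTH_SOCK is only set when forwarding was accepted
    # (sshd can refuse it with AllowAgentForwarding no); ssh-add -l run there
    # talks to the local agent through the forwarded socket.
    "$SSH_BIN" -A "$target" 'test -n "$SSH_AUTH_SOCK" && ssh-add -l >/dev/null' || {
        echo "agent forwarding not available on $target" >&2
        return 3
    }
    echo "forwarding OK: $target"
}
```

Source the file and run deploy_connect john@remote-server before a deployment; a return code of 3 means the connection worked but the server did not receive the agent.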

See also: man ssh-agent, man ssh-add