使用 putty 和 pageant,我想登录到主节点,然后从那里 ssh 到代理。转发在 putty 选项中启用。我可以 ssh 到主节点而无需密码提示。但是,从主节点到从节点,它要求输入密码。虽然从节点的 authorized_keys 中没有公钥,但我希望转发也能做同样的事情。不是吗?
login as: vagrant
Authenticating with public key "rsa-key-20180330" from agent
Last login: Fri Mar 30 17:15:53 2018 from 192.168.65.1
[vagrant@m1 ~]$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgcwqaj7nbho7I6yNPZTsMx/VkKDzmRksJ5POHdvpPdtKvukRHvBpNVWwL1K0bq2lzrYNqqGPkvPr7s8R5h9m+bEFP2suwW2lVvNnCB9hdNB5al3x3cK1MtYERUrpTCaocMZY2CM8y+ccZzSJ68qHalLatDtd9d5NY0LRztHSK/yB1elALSK13Qo9wYfYByGLx3eFtdczelHfG7a7TKOBPuFaYoLIpGyvK9woTQTcW6gasdl3pkYzx7Az8ij9skuxsuHeqXqgRc4B73tNCkXbgbkTohEaYPFQ/jZ1Lk2tPM79PWbZyW0AVxMWTgK+IahmAOh3ZmOFbNEmLEEGOwPfLw== rsa-key-20180330
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7K1ldqJbAYzFsrGcDJe5xf1UyiCwTrvyn8K4GSRTxaam35dduZIAb1c5rpDs0OHfASTCrBXDu1bZXQIHNeskhLyGrDZ3mffomptwcr66YvPylGtpT8+XfSZD7YbyANB+7bTP8jrUD78dqllVbQqRFGVN0QeDTy9cJ/Yekv6p19WNRu+bMpfg0xwH0hF5L7njO7QKRpFqG2gRmkJL1W1OlBTBsCs+4gD+LCdRmKXWaTeNvfhdkLFFTdGnWaKpk09HgN7Y8UYjAIOW8+rd8wXD3W6XWU7laugCggI+p1pP27tJNnxK5QuIaR+asNRW5UJ0MhjYRTVABoXhw6DgaqN5f vagrant
[vagrant@m1 ~]$ ssh -A a1
vagrant@a1's password:
Last login: Fri Mar 30 17:16:15 2018 from 192.168.65.90
[vagrant@a1 ~]$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7K1ldqJbAYzFsrGcDJe5xf1UyiCwTrvyn8K4GSRTxaam35dduZIAb1c5rpDs0OHfASTCrBXDu1bZXQIHNeskhLyGrDZ3mffomptwcr66YvPylGtpT8+XfSZD7YbyANB+7bTP8jrUD78dqllVbQqRFGVN0QeDTy9cJ/Yekv6p19WNRu+bMpfg0xwH0hF5L7njO7QKRpFqG2gRmkJL1W1OlBTBsCs+4gD+LCdRmKXWaTeNvfhdkLFFTdGnWaKpk09HgN7Y8UYjAIOW8+rd8wXD3W6XWU7laugCggI+p1pP27tJNnxK5QuIaR+asNRW5UJ0MhjYRTVABoXhw6DgaqN5f vagrant
[vagrant@a1 ~]$
这里遗漏了什么配置吗?
答案1
代理转发使“中间” ssh 服务器能够将您使用的密钥转发到您正在联系的下一个服务器。它不会神奇地让下一个服务器决定允许该密钥访问。与任何其他密钥一样,您需要设置“从属”服务器以实际允许它,方法是将其包含在您正在连接的帐户的 authorized_key 文件中。