2

Suppose I have access to pc via a server. I can directly log-on to pc by using How do I connect to a pc through another pc using ssh

Such that my .ssh/config looks like:

Host short
Hostname pc
User me
ProxyCommand ssh me@server nc %h %p

The user and home-folder on pc and server are the same, but only server can be directly reached from the outside world. Now, if I ssh short, I have to type the same password twice.

I am now looking for a way to login using the tunnel without typing my password even once.

I've tried the ssh-keygen procedure, but that does not help me here. I also found this quite related question: Set up password-less SSH tunneling from home computer behind NAT to inside computer behind gateway, but I can't figure out how this would apply to my situation.

The question basically comes down to: how can I setup passwordless login over a ssh alias?

Community
  • 1
Bernhard
  • 12,272

1 Answers1

2

You need to set up key authentication on both machines, both the rebound machine (server) and the target machine (pc).

Create a key pair on your client machine (ssh-keygen) if you haven't already done so. Then copy the public key to server and add it to the authorization list. Then do the same thing for pc.

ssh-copy-id server
ssh-copy-id short

To avoid having to type your passphrase twice, run a key agent. Many systems are set up to run one when you log in: check if the SSH_AUTH_SOCK environment variable is set. If it isn't, run ssh-agent as part of your session startup. Before you start using ssh in a login session, record your passphrase in the agent by running ssh-add ~/.ssh/id_rsa.

Bernhard
  • 12,272
Gilles 'SO- stop being evil'
  • 829,060
  • In the second ssh-copy-id, I had to the name of the alias, which in the above example was short. Thanks! – Bernhard Mar 30 '13 at 07:56