Use ssh-agent

Using ssh-agent is a program that controls the private key used to save the public key for authentication. The ssh-agent starts at the beginning of the X session or logon session. All other windows or programs are started as client programs and added to the ssh-agent program. By using environment variables, you can locate the proxy and use the proxy to automatically perform authentication when logging on to another ssh machine. In fact, the ssh-agent is a key manager for www.2cto.com. After running the ssh-agent, use ssh-add to hand over the private key to the ssh-agent for safekeeping, when other programs require authentication, they can submit the authentication application to the ssh-agent to complete the authentication process. By using ssh-agent, you can easily roam between hosts. If we have three servers at hand: host1, host2, and host3 are saved on each server (supersun. biz), so I can log on to each host through Public Key Authentication: [root@supersun.biz ~] # Ssh host1Last login: Thu Oct 18 13:56:08 2007 from supersun [root @ host1 root] # [root@supersun.biz ~] # Ssh host2Last login: Fri Oct 12 11:14:44 2007 from supersun [root @ host2 root] # [root@supersun.biz ~] # Ssh host3Last login: Sat Sep 29 10:21:32 2007 from supersun [root @ host3 root] # However, no public keys are saved between the three servers, moreover, it is impossible for me to store my private key on the server (Insecure), so there is no public key between them for authentication (password authentication is supported, but it is so slow that I often lose the password, it is easy to forget too many passwords ). However, if we enable ssh-agent, the problem can be solved. Enable ssh-agent: [root@supersun.biz ~] # Eval 'ssh-agent' agent pid 3526 add private key: [root@supersun.biz ~] # Ssh-addIdentity added:/root /. ssh/id_rsa (/root /. ssh/id_rsa) edit the/etc/ssh/ssh_config file: ForwardAgent yes to enable ssh-agent to forward the file, so that you can log on to: supersun. biz ----> host1 ----> host2. At this point, please note that if no forwarding is set on host1, you will not be able to log on to host3. After forwarding is set, you can jump to rs3. Root@supersun.biz ~ # Ssh host1Last login: Thu Oct 18 16:21:29 2007 from supersun [root @ host1 root] # vi/etc/ssh/ssh_config [root @ host1 root] # ssh host2Last login: thu Oct 18 16:20:28 2007 from supersun [root @ host2 root] # ssh host3Last login: Thu Oct 18 16:10:39 2007 from supersun [root @ host3 root] # It is basically done here, another small problem is that you cannot run ssh-agent manually every time! The most time-saving method is to write it to the profile: in order not to mess up the profile, I create a ssh-agent.sh file under/etc/profile. d: [root@supersun.biz ~] # Cat/etc/profile. d/ssh-agent.sh #! /Bin/sh if [-f ~ /. Agent. env]; then .~ /. Agent. env>/dev/nullif! Kill-0 $ SSH_AGENT_PID>/dev/null 2> & 1; thenecho "Stale agent file found. Spawning new agent..." eval' ssh-agent | tee ~ /. Agent. env 'ssh-addfielseecho "Starting ssh-agent..." eval' ssh-agent | tee ~ /. Agent. env 'ssh-addfi will not generate too many ssh-agent programs and support the GUI environment. When I open a terminal: Stale agent file found. spawning new agent... agent pid 2543 Identity added:/root /. ssh/id_rsa (/root /. (ssh/id_rsa) [root@supersun.biz ~] # Added a new key.