4

I'm trying to use ssh agent forwarding on my local machine so that I dont have to use my private key on remote server for git clone [email protected]:username/bucketname.git

I have following setup on my machine:

 $cat ~/.ssh/config
    Host bitbucket.org
     IdentityFile ~/.ssh/id_rsa

    Host 172.28.128.3
     ForwardAgent yes

and have added my public key to bitbucket site

when i run ssh -T [email protected] it shows 

logged in as <username>.
You can use git or hg to connect to Bitbucket. Shell access is disabled.

means ssh protocol working right and I can clone any repo.

But when I run on my remote machine/host ( mentioned in .ssh/config file with ip 172.28.128.3)

buntu@remoteMachine$ ssh -vT [email protected]
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to bitbucket.org [131.103.20.168] port 22.
debug1: Connection established.
debug1: identity file /home/ubuntu/.ssh/id_rsa type 1
debug1: identity file /home/ubuntu/.ssh/id_rsa-cert type -1
debug1: identity file /home/ubuntu/.ssh/id_dsa type -1
debug1: identity file /home/ubuntu/.ssh/id_dsa-cert type -1
debug1: identity file /home/ubuntu/.ssh/id_ecdsa type -1
debug1: identity file /home/ubuntu/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/ubuntu/.ssh/id_ed25519 type -1
debug1: identity file /home/ubuntu/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40
debug1: Host 'bitbucket.org' is known and matches the RSA host key.
debug1: Found key in /home/ubuntu/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ubuntu/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/ubuntu/.ssh/id_dsa
debug1: Trying private key: /home/ubuntu/.ssh/id_ecdsa
debug1: Trying private key: /home/ubuntu/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).

I am using ec2 instance as remote machine.

please help me in resolving this issue.

Improve this question
4
  • did you add your identity to the agent? You can verify by running ssh-add -l on your local machine. This should also work on remote one to verify it is forwarded successfully. Commented Aug 5, 2015 at 11:19
  • i got this. Actually I was running ssh command as sudo to login to ec2 instance. When i ran it withoute sudo, it worked !! Commented Aug 5, 2015 at 11:30
  • @PremSompura I am also facing same problem. In my local my using "abc" user while ssh into ec2 server I use "abc" user but ec2 having "ubuntu" user.. will this create problem ? Commented Nov 26, 2017 at 14:05
  • @PushkerYadav You need to forward your ssh agent. Try adding your agent via ssh-add and use ssh -A user@host to login. Commented Dec 18, 2017 at 11:31

1 Answer 1

Reset to default
3

I would highly recommend this link to set up ssh forwarding agent Guide for SSH Agent Forwarding

Try troubleshooting it like this:

  1. Check you have written correct Host IP in your local machine .ssh/config

  2. On your local machine, run this command --> echo "$SSH_AUTH_SOCK"

2.1. If this gives empty response, then do this: eval `ssh-agent -s` && ssh-add -k

  1. Everything should be working now
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.