This is a discussion on Question about connecting to an ssh-agent. - openssh ; Hi, I asked a version of this question on #openssh on Freenode, but then realized that there was probably a newgroup on GMane that might be more helpful (in case you where on that channel and this feels like deja ...
I asked a version of this question on #openssh on Freenode, but then
realized that there was probably a newgroup on GMane that might be more
helpful (in case you where on that channel and this feels like deja vu).
So I'm doing something a little non-standard with ssh. I have a dummy
account, call it "dummy", that isn't a member of any groups but its own,
which I use for installing locally built software. I have this "dummy"
account on two computers. To assist maintenance of these accounts I use a
sync program called unison, that communicates over ssh. But I use sudo to
do all my work with stow from my normal user account, call it "normal".
Since I'm the only user of these accounts, I use the same private/public
SSH key pairs on all my accounts between both computers (this might be a
slightly risky practice, but I'm okay with it).
Okay, so I noticed after playing around with root that I could just export
normal's SSH_AGENT_PID and SSH_AUTH_SOCK and use the common identity to
unison via ssh transparently. But with dummy, I don't get the
transparency. Is there any way to relax my ssh-agent to allow "dummy" to
connect to it (and just "dummy" alone)?
There's a simpler way to illustrate my problem without dealing with sudo and
unison... just using su. Let's start in "normal"'s shell with an ssh-agent
up with an ssh-add'ed identity and with SSH_AGENT_PID and SSH_AUTH_SOCK
already exported. I can can "su root", and the exported environment
variables will still be there. Then as root I can ssh transparently.
However, if I "su dummy", this doesn't work. Furthermore, if I try to
ssh-add, I get "Could not open a connection to your authentication agent."
It would be really neat if I could get around this.
I'm just trying to automate a task, and this is the one place where I find
myself a few button's away from a one-button solution.
Thanks for your help,