semaphoreui / semaphore

Modern UI and powerful API for Ansible, Terraform, OpenTofu, PowerShell and other DevOps tools.
https://semaphoreui.com
MIT License

[Feature request] Use ssh forwarded agent connection to access target hosts #1952

Open mcgru opened 6 months ago

mcgru commented 6 months ago

Is it possible to implement the use of ssh-agent forwarding to access target hosts? As far as I know, we may use the ssh user@semaphore-host -A option. With the '-A' option, a special socket will be created on semaphore-host (somewhere) that allows going to the target host from the shell and authenticating there using the home ssh private key (auth agent). Semaphore (if allowed by a configurable option) could use that agent connection to try to authorize access to the target host, if there are any such sockets.

If implemented, there could be a case:

  1. no private keys put into semaphore
  2. when you need to run a playbook (that runs on remote hosts), just connect via ssh -A to semaphore and access will be granted.

mcgru commented 6 months ago

Probably a duplicate of #1751