You can use the public part of a key to specify which private key
you want to use from the forwarded agent. This requires creating an
extra file (the public part of the key) on any “intermediate” machines
(machines to which you forward your local ssh-agent).
- Arrange for the intermediate machine to have a copy of the public part of the desired key in a convenient location (e.g. ~/.ssh/some_other_key.pub).

  From any machine that already has the public part of the key:

      scp some_other_key.pub intermediate:.ssh/

  or, on the intermediate machine:

      ssh-add -L | grep something_unique > ~/.ssh/some_other_key.pub

  You may want to edit the trailing “comment” part of the public key to better identify the key’s origin/owner/purpose (or attempt to hide the same).
- Use the pathname to the above public key file with -i or IdentityFile.
- You may also need to use IdentitiesOnly yes (in .ssh/config or -o) to keep ssh from trying to offer any additional identities from your forwarded agent.
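
The procedure above as a script for the intermediate machine; this is an added example, not part of the original answer. The function names, the host alias final-host and the sample key lines are assumptions made for illustration. Instead of a bare grep, it matches only the comment field and refuses to continue unless exactly one agent key matches.

```shell
#!/bin/sh
# Added example: names, paths and the sample keys below are hypothetical.

# Constructed stand-in for `ssh-add -L` output (not real keys).
sample_agent_listing() {
    cat <<'EOF'
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEKEYONE000000000000000000000000000000 deploy@laptop
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEKEYTWO000000000000000000000000000000 personal@laptop
EOF
}

# select_agent_key PATTERN  (reads `ssh-add -L` output on stdin)
# Prints the one key whose comment contains PATTERN; fails on 0 or >1 matches,
# so an ambiguous pattern never writes several keys into the .pub file.
select_agent_key() {
    awk -v p="$1" '
        NF >= 2 {
            # Fields: key type, base64 blob, then the free-form comment.
            comment = ""
            for (i = 3; i <= NF; i++) comment = comment (i > 3 ? " " : "") $i
            if (index(comment, p)) { hit = $0; n++ }
        }
        END {
            if (n != 1) {
                printf("expected 1 matching key, found %d\n", n + 0) > "/dev/stderr"
                exit 1
            }
            print hit
        }'
}

# install_pubkey PATTERN DEST  (first step: save the public part on this machine)
install_pubkey() {
    key=$(select_agent_key "$1") || return 1
    printf '%s\n' "$key" > "$2"
}

# ssh_config_stanza HOST PUBKEY  (second and third steps as an ssh_config entry)
ssh_config_stanza() {
    printf 'Host %s\n    IdentityFile %s\n    IdentitiesOnly yes\n' "$1" "$2"
}

# Typical use on the intermediate machine:
#   ssh-add -L | install_pubkey something_unique ~/.ssh/some_other_key.pub
#   ssh_config_stanza final-host ~/.ssh/some_other_key.pub >> ~/.ssh/config
```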