I Currently use some servers to do some benchmarks. I need to log into multiple servers and git clone ... from assembla.
Currently I copy my private key to the server and then update the .ssh/config
file. Although I share this user and server with other people to do their benchmarks. What is the best practice for this(without creating a new user for everyone on the server). Is there anyway I can use ssh-add key then use git on the server and pull the repo without storing the key on the server?
Since you're using key-based authentication, the best solution is to allow forwarding of the authentication agent connection over the secure channel. If your public key is stored on the last server, there’s no need to store your corresponding private key on the intermediate host.
Since the default client setting is not to forward the authentication
agent to the remote host, you should enable agent forwarding in your client
configuration. Add the following line to your ~/.ssh/config
:
Host intermediate.server.name
ForwardAgent yes
On the server, the default is to enable Agent Forwarding but in case it has
been disabled, you should ensure that the following line is uncommented in the
server’s SSHD configuration (usually /etc/sshd_config
).
AllowAgentForwarding yes
GitHub have a good article on Using SSH agent forwarding which references Steve Friedl's comprehensive Guide to SSH Agent Forwarding.