Oh, so it's more like tunnelling SSH in SSH, similar to X11 in SSH or SOCKS through SSH?
I just remember that last time I connected I think I had to use agent forwarding. I may be wrong, I was tired while writing this email last night.
On Oct 4, 2011 6:00 AM, "Kevin Fenzi" <email@example.com
> On Tue, 4 Oct 2011 00:43:51 -0700
> Darren VanBuren <firstname.lastname@example.org
>> The recommended method is using agent forwarding at this time
>> according to
> No, there's no need for agent forwarding, and thats hopefully not what
> the policy / sop says. ;)
> It uses ssh -W, which basically just forwards stdout/stdin to the
> remote machine (or you can use nc, which does the same exact thing).
> This means you authenticate to bastion, then run the command to forward
> things and all the rest of your communication is with whatever machine
> you are connecting to. No agent. No private keys stored on shared
> machines. No need to ssh to a machine then ssh to another one, it's all
> in one command.