Bruce, Thu, 7 Jul 2016 21:07:38 -0400:
> Say I have 5 boxes on my network,
> box1
> box2
> box3
> box4
> box5
> Each box has a generic user - user1, with limited perms/access
> On my local box, I create a pub/private ssh key. I copy the pub key to each
> box.
> From my local box, I can then ssh - using the priv/pub key - into box1.
> From box1, can I then hop/ssh over to box2, using the pub key for the user1
> that I created/installed?

Why don't you ssh into box2 directly?
Anyway: if you use a ssh-agent on your local box, you can forward the
connection to it by doing
    ssh -A box1
From box1 you should now be able to ssh into box2 using the keys your
local ssh-agent provides access to.
The downside of using -A (or setting AgentForward in the config) is that
anyone with sufficient rights to access the forwarded agent socket on
box1 can use that to ssh into the other boxes impersonating you, i.e.
a potential security risk you should be aware of.
A different way to achieve your goal might be making use of OpenSSH's
ProxyCommand option. But I don't know off the top of my head what
exactly would have to be done.
--
Regards
mks
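
An added example, not part of the original message: a constructed ssh_config that contrasts forwarding the agent to box1 with reaching box2 through box1 via ProxyCommand, plus a small awk check that lists the Host stanzas exposing the agent. The alias box1-forward and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. box1/box2/user1 are the names used in the thread; the alias
# "box1-forward" and both function names are hypothetical.

# Write a constructed sample ssh_config to the file named in $1.
write_sample_config() {
    cat > "$1" <<'EOF'
# Risky: a usable agent socket exists on box1 for the life of the session
Host box1-forward
    HostName box1
    User user1
    ForwardAgent yes

# Alternative: box1 only relays the TCP stream; authentication to box2 is
# done from the local machine, so no agent socket is created on box1
Host box1
    User user1
    ForwardAgent no

Host box2
    User user1
    ProxyCommand ssh -W %h:%p box1
EOF
}

# Print the Host patterns of every stanza that enables agent forwarding.
# Keywords are case-insensitive and may be written "Key value" or "Key=value".
# Options placed before the first Host line apply to all hosts ("*").
hosts_forwarding_agent() {
    awk '
        BEGIN { host = "*" }
        {
            sub(/^[ \t]+/, "")          # strip leading indentation
            sub(/[ \t]*=[ \t]*/, " ")   # normalize "Key=value"
            key = tolower($1)
        }
        key == "host" { host = $0; sub(/^[^ \t]+[ \t]+/, "", host); next }
        # any value other than "no" (yes, or an explicit socket path) forwards
        key == "forwardagent" && tolower($2) != "no" { print host }
    ' "$1"
}

cfg=$(mktemp) && write_sample_config "$cfg"
hosts_forwarding_agent "$cfg"
rm -f "$cfg"
```

With the second and third stanzas in place, `ssh box2` on the local machine tunnels through box1 while the private key and the agent stay local; box1 has to permit TCP forwarding for this to work.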