On the AWS cloud platform, I provisioned a bastion host and EC2 instances. I would like to log in to the EC2 instances from the bastion host using SSH agent forwarding. It is not working. Here is what I've done.
- On my local Ubuntu laptop:

    cat ~/.ssh/config
    Host *
    ForwardAgent yes

- Start the ssh-agent:

    eval `ssh-agent`

- Log in to the bastion host:

    ssh -A -i key.pem [email protected]

- I successfully logged into the bastion host.
- At the bastion host, log in to an EC2 instance. I got permission denied.

    ssh -A 10.1.11.21
    [email protected]: Permission denied (publickey).

- I copied key.pem to the bastion host. With key.pem, I am able to log in to the EC2 instance from the bastion host. At the bastion host:

    ssh -i key.pem 10.1.11.21

I prefer not to copy key.pem to every EC2 instance. How can I solve the problem?
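
An added diagnostic, not part of the original post: the steps above start an agent but show no `ssh-add`, and `ssh -i key.pem` reads the key from the file without placing it in the agent, so `-A` may be forwarding an agent that holds no keys. The function names and the `BASTION_ARGS` variable are assumptions of this example.

```shell
#!/bin/sh
# Added example: diagnose whether ssh-agent forwarding has a key to forward.

# Map the exit status of `ssh-add -l` (possibly relayed through ssh) to a state.
classify_agent_rc() {
    case "$1" in
        0)   echo "loaded" ;;        # agent reachable, holds at least one key
        1)   echo "empty" ;;         # agent reachable, holds no keys
        2)   echo "unreachable" ;;   # no agent socket could be contacted
        255) echo "ssh-failed" ;;    # ssh itself failed before running ssh-add
        *)   echo "unknown" ;;
    esac
}

# State of the agent in this shell (the laptop in the post).
local_agent_state() {
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    classify_agent_rc "$rc"
}

# State of the forwarded agent as seen from the bastion.
# Arguments are whatever ssh needs to reach it, e.g. -i key.pem user@bastion
forwarded_agent_state() {
    rc=0
    ssh -A -o BatchMode=yes "$@" ssh-add -l >/dev/null 2>&1 || rc=$?
    classify_agent_rc "$rc"
}

# Next step for a given state.
advise() {
    case "$1" in
        loaded)      echo "key is available: ssh -A to the bastion, then ssh to the instance" ;;
        empty)       echo "agent has no keys: run ssh-add key.pem on the laptop, then reconnect" ;;
        unreachable) echo 'no agent visible: on the laptop run eval "$(ssh-agent)" and ssh-add key.pem; on the bastion, forwarding is not active' ;;
        ssh-failed)  echo "could not reach the bastion: fix that login first" ;;
        *)           echo "could not determine agent state" ;;
    esac
}

state=$(local_agent_state)
echo "local agent: $state ($(advise "$state"))"
# BASTION_ARGS is a hypothetical variable for this example; word splitting is intended.
if [ -n "${BASTION_ARGS:-}" ]; then
    state=$(forwarded_agent_state $BASTION_ARGS)
    echo "agent seen from bastion: $state ($(advise "$state"))"
fi
```

Run it on the laptop; setting `BASTION_ARGS` to the same arguments used for the bastion login also reports the agent as the bastion sees it.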