Tushar
Tushar

Reputation: 81

SSH agent forwarding in Vagrant

I am using Vagrant to spin up a multi-VM environment (VirtualBox Hostonly mode). Each VM has ssh agent forwarding enabled. As "vagrant" user, I am able to connect to my Bitbucket account and checkout repositories from within the VMs. Here are relevant console logs:

[vagrant@ci-server ~]$ echo $SSH_AUTH_SOCK 
/tmp/ssh-BtewZz3383/agent.3383

[vagrant@ci-server ~]$ ssh -T [email protected]
logged in as <my-bitbucket-account>.

You can use git or hg to connect to Bitbucket. Shell access is disabled.
[vagrant@ci-server ~]$

Each VM also has a user, "go". When I'm logged in as "go" and try to connect to Bitbucket , it throws an error. Even SSH_AUTH_SOCK is not set:

[vagrant@ci-server ~]$ sudo su - go

[go@ci-server ~]$ echo $SSH_AUTH_SOCK

[go@ci-server ~]$ ssh -T [email protected]
Permission denied (publickey).
[go@ci-server ~]$ 

The sudoers file has:

Defaults    env_keep += "SSH_AUTH_SOCK"

So, ssh-agent connections should get fwded when "vagrant" sudos into "go". What am I missing here?

The host is a Mac OS X 10.8 while the VMs are CentOS 6.5 boxes.

Thanks!

Upvotes: 0

Views: 1072

Answers (1)

Kolargol00
Kolargol00

Reputation: 1887

So, ssh-agent connections should get fwded when "vagrant" sudos into "go". What am I missing here?

You are using sudo and su - together and this is:

  1. overkill because sudo alone would do the job;
  2. bad because su - resets your environment, erasing the SSH_AUTH_SOCK variable that you need.

Try using only sudo --shell --user=go to get a shell as that user.

Upvotes: 0

Related Questions