I have two computers; my workstation and a laptop I use to run my company VPN. I need to go through the VPN in order to reach my Git remote (BitBucket).
I have an SSH agent running on my workstation that contains the SSH key needed to connect to the Git remote. I have configured SSH to forward my SSH agent when connecting to my laptop:
Host my-laptop ForwardAgent yesIf I use SSH to connect to my laptop, I can successfully git pull, and ssh-add-l confirms that the SSH agent was properly forwarded. So far so good!
Here's the challenge: I want to use git directly from my workstation. This should be possibly by configuring SSH to proxy through my laptop. My git remotes look like this:
➜ git remote -vorigin ssh://git@bitbucket.my-company.com:7999/my-team/my-project.git (fetch)origin ssh://git@bitbucket.my-company.com:7999/my-team/my-project.git (push)So I added this SSH configuration:
Host *.my-company.com ProxyJump my-laptopThe proxy jump worked, because now I reach the Git remote! 🎉
However, authentication fails:
>git@bitbucket.my-company.com: Permission denied (publickey). >fatal: Could not read from remote repository.>>Please make sure you have the correct access rights >and the repository exists. >exit status 128So apparently SSH agent forwarding didn't work when proxying the command..?
Troubleshooting steps I have tried:
Connecting to the laptop with SSH and running
git pull- it worksRunning
git pulldirectly from the laptop - it worksAdding
IdentityFileandIdentitiesOnlyto force the right key to be used, didn't make a difference:Host *.my-company.com ProxyJump my-laptop IdentityFile ~/.ssh/hubro@my-company.com.key IdentitiesOnly yesAdding
ForwardAgent yeswhen connecting to the Git remote host, didn't make a difference:Host *.my-company.com ProxyJump my-laptop ForwardAgent yes IdentityFile ~/.ssh/hubro@my-company.com.key IdentitiesOnly yes
So why isn't my local SSH agent being used when running git commands?