# Agent Forwarding

Adding and removing keys to the agent:
```
waja at Brotschneidemaschine in ~
$ eval "$(ssh-agent -s)"
Agent pid 7715

waja at Brotschneidemaschine in ~
$ ssh-add -L
The agent has no identities.

waja at Brotschneidemaschine in ~
$ ssh-add ~/.ssh/id_rsa
Identity added: /Users/waja/.ssh/id_rsa (waja@Brotschneidemaschine.local)

waja at Brotschneidemaschine in ~
$ ssh-add -L
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCfovU+pdwsO4ubyG8kldmtFwVcfNIbJX8Qvi+4rWKmkcEx7xdz27o+CrCXyu3eSbw8q/BVNZImwbs3C4dCBZ+o7ZtHmJGYzyrIOkY1AD1kdf0tbH3boEqoL46xOx8zGIUWCcuJd+bzMw/ub/5Qf+yW6a00h4szFiREyM6k2y+0gF21ewoSKPZp+XTFFXfOoGAllJ1rhQq+PScUHHu81Ft9bl18e0SWKRJd/EOiI+2/GAb/jtYo0lxyIk1GrmZDA80Tew7Mv636zWfXUaL1Tr4Y8Wxmeetr97MLcVcY9hMZmQlcmurDqeIJdWn1IAr8IRieLJZPiMjt09LZ2EAd/TmI2lbfy3c+013qmc4YoOhXDlRgoS5qeQr/zupP1/0ATzG37pGtkomO1zz9WBafFy5ewzIU1YUArV+/PNWbVdrnIEOKmHF/YM/ZCA5JwFp7M/8FOHZrM6KvCwcnmtHOzU+0y7eHYejUHTBOIrk9/SfP37IFEELaNrEJdDokQBXpT38= waja@Brotschneidemaschine.local

waja at Brotschneidemaschine in ~
$ tail -2 .ssh/config 
Host *
  ForwardAgent yes

waja at Brotschneidemaschine in ~
$ ssh-add -d ~/.ssh/id_rsa
Identity removed: /Users/waja/.ssh/id_rsa RSA (waja@Brotschneidemaschine.local)
```
Identities are not permanent, Desktop-Managers reads keys from `basename -s .pub ~/.ssh/*.pub`.
```
waja in 🌐 jumphost in ~
✦ ❯ kill -9 7715

waja in 🌐 jumphost in ~
✦ ❯ ssh-add -L
Error connecting to agent: Connection refused

waja in 🌐 jumphost in ~
✦ ❯ eval "$(ssh-agent -s)"
Agent pid 7795

waja in 🌐 jumphost in ~
✦ ❯ ssh-add -L
The agent has no identities.
```
## SSH Agent forwarding is nice but...

[You should only add servers you trust and that you intend to use with agent forwarding.](https://docs.github.com/en/developers/overview/using-ssh-agent-forwarding)
[Why using SSH agent-forwarding is a Bad Idea](https://medium.com/kernel-space/why-using-ssh-agent-forwarding-is-a-bad-idea-6cbdff31bbee)

# SSH ProxyCommand / ProxyJump

```
~ via ☕ via  
✦ ❯ tail -7 .ssh/config 
Host 192.168.66.*
  # https://www.cyberciti.biz/faq/linux-unix-ssh-proxycommand-passing-through-one-host-gateway-server/
  # https://goteleport.com/blog/ssh-proxyjump-ssh-proxycommand/
  # https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Proxies_and_Jump_Hosts
  #ProxyJump user1@10.42.5.6:22
  #ProxyCommand ssh -q -W %h:%p user1@10.42.5.6
  ProxyCommand ssh -o 'ForwardAgent yes' 10.42.5.6 'ssh-add && nc %h %p'

```

# SSH Multiplexing

```
~ via ☕ via  
✦ ❯ tail -8 .ssh/config 
Host *
  # https://www.cyberciti.biz/faq/linux-unix-reuse-openssh-connection/
  # https://blog.scottlowe.org/2015/12/11/using-ssh-multiplexing/
  # https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Multiplexing
  ControlPath ~/.ssh/controlmasters/%r@%h:%p
  ControlMaster auto
  ControlPersist yes
  MaxSessions 10
```

https://www.maketecheasier.com/kill-unresponsive-ssh-session/