I am using a multi-hop SSH connection with agent forwarding enabled at each hop. I want to connect to a destination machine (Machine D) using the key of the preceding hop, not the one from the originating machine.
The details:
Working on the console of Machine A I connect to Machine B with SSH (ForwardAgent yes):
Machine A ---SSH(id_rsa_A)---> Machine B ---SSH(forwarded_key)---> Machine D1
When I execute ssh-add -L (on B) I get the id_rsa_A. And if I connect from B to D1, it uses id_rsa_A for authentication.
OK, this is what I want.
Working on the console of Machine B I connect to Machine C with SSH (ForwardAgent yes):
Machine B ---SSH(id_rsa_B)---> Machine C ---SSH(forwarded_key)---> Machine D2
When I execute ssh-add -L (on C) I get the id_rsa_B. And if I connect from C to D2, it uses id_rsa_B for authentication.
OK, this is what I want.
Now I go back to Machine A and make a two-hop SSH connection, both hops with ForwardAgent yes, to Machine C via B:
Machine A ---SSH(id_rsa_A)---> Machine B ---SSH(id_rsa_B)---> Machine C ---SSH(forwarded_key)---> Machine D2
When I execute ssh-add -L (on C) I get the id_rsa_A. And when I connect to Machine D2, the SSH connection uses id_rsa_A even though the preceding connection between B and C explicitly uses id_rsa_B.
This is what I want to change. Namely, I want forwarded_key to be id_rsa_B.
Is it possible (and how) to force Machine C (connected from A via B) to use id_rsa_B for its outgoing SSH connections?
I even tried the ForwardAgent no option on the first connection:
Machine A ---SSH(id_rsa_A)---> Machine B
leaving ForwardAgent yes on the subsequent connection:
Machine B ---SSH(id_rsa_B)---> Machine C
but then the further connection does not use agent forwarding at all:
Machine C ---SSH(no_key)---> Machine D2
It looks like forwarding only works for the whole pipe between the console and the currently connected machine.
0 Answers
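The behaviour in the question follows from what ForwardAgent actually forwards: not the identity file used for the current hop, but the agent socket the client is talking to (SSH_AUTH_SOCK, or an explicitly configured socket). After A logs in to B with forwarding on, SSH_AUTH_SOCK on B already points at A's agent, so when B forwards "the agent" to C it is forwarding A's agent onward, and id_rsa_B (an on-disk file used only for the B-to-C authentication) never reaches C. Forwarding A's agent two hops deep also means anyone with root on B or C can sign with id_rsa_A for as long as the session lasts, so scoping which agent each hop forwards is a risk reduction as well as a fix. The ssh_config fragment below is an added example, not taken from the question; it lives on Machine B and assumes the key path ~/.ssh/id_rsa_B, a dedicated agent socket at ~/.ssh/agent-B.sock, and the hostname machine-c.example.test. The first stanza reproduces the unwanted behaviour; the second forwards a separate agent on B that holds only id_rsa_B, using the socket-path form of ForwardAgent that OpenSSH 8.2 introduced.

```sshconfig
# Added example (not part of the question): ~/.ssh/config on Machine B.
# Assumed: key ~/.ssh/id_rsa_B, agent socket ~/.ssh/agent-B.sock, host machine-c.example.test.

# Weak: "ForwardAgent yes" forwards whatever agent SSH_AUTH_SOCK points to.
# When this session on B was opened from A with forwarding on, that is A's agent,
# so C will see id_rsa_A. IdentityFile only decides how B authenticates to C.
Host machine-c-forwards-A
    HostName machine-c.example.test
    IdentityFile ~/.ssh/id_rsa_B
    ForwardAgent yes

# Corrected: give this hop its own agent that contains only id_rsa_B and forward
# that socket explicitly. A's forwarded agent stays on B and never reaches C.
# One-time setup on B (shell, not part of this file):
#   ssh-agent -a "$HOME/.ssh/agent-B.sock"
#   SSH_AUTH_SOCK="$HOME/.ssh/agent-B.sock" ssh-add "$HOME/.ssh/id_rsa_B"
Host machine-c
    HostName machine-c.example.test
    IdentityFile ~/.ssh/id_rsa_B
    IdentityAgent ~/.ssh/agent-B.sock    # agent used for B's own authentication to C (OpenSSH 7.3+)
    ForwardAgent ~/.ssh/agent-B.sock     # agent forwarded to C; socket-path form needs OpenSSH 8.2+
```

With the second stanza, ssh-add -L on C lists only id_rsa_B, which is then what C offers to D2. On an OpenSSH older than 8.2 the same effect is obtained by pointing SSH_AUTH_SOCK at the dedicated socket in the shell on B (export SSH_AUTH_SOCK="$HOME/.ssh/agent-B.sock") before running ssh -A machine-c, since plain ForwardAgent yes forwards whatever SSH_AUTH_SOCK names. Running ssh-add ~/.ssh/id_rsa_B on B without first starting a separate agent is not a fix: it loads B's key into A's forwarded agent, so A's agent ends up holding both keys and both are exposed on every downstream hop. If C does not need to reach D2 at all and the goal is only to land on C from A, ProxyJump (ssh -J machine-b machine-c) avoids exposing any agent to B in the first place.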