I've been facing an interesting issue for a few weeks now. Part of our fleet is only reachable via a jump-host.
In the past I had no issues w/ logging into the jump-host from my workstation using ssh -A and maintaining a session for extended periods of time [yes, I know that's bad practice, not here for a lecture on a foul habit =}], and connecting on from there to other machines w/o password entry as expected.
Now every so often going to my uxterm with the active session to the jump host gives me a
Permission denied (publickey)
If I disconnect, and w/o restarting the agent connect to the jump host again, all works as before.
How do I diagnose what's going on there?
Extra information: my workstation is Ubuntu 16.04, the jump host is 14.04, recently upgraded from 12.04.
When using agent forwarding, ssh actually forwards the UNIX socket to a directory in /tmp and then sets SSH_AUTH_SOCK to point to it. Effectively, this means that only a new remote shell will inherit SSH_AUTH_SOCK. Older sessions will keep pointing to a socket that no longer exists. You could just export it again if you don't want to open a new shell.
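
A way to check for the stale-socket condition described in the answer above, as an added example that is not part of the original answer. It assumes forwarded sockets are named /tmp/ssh-*/agent.*; the function names are made up for this sketch.

```shell
#!/bin/sh
# Added example: diagnose a stale forwarded-agent socket on the jump host.
# Assumption: sshd places forwarded sockets at <dir>/ssh-*/agent.*
# (the "directory in /tmp" mentioned in the answer).

# Classify the path a shell holds in SSH_AUTH_SOCK.
# Prints one of: unset | missing | not-socket | ok
auth_sock_state() {
    sock=$1
    if [ -z "$sock" ]; then
        echo unset
    elif [ ! -e "$sock" ]; then
        echo missing       # removed when the connection that created it ended
    elif [ ! -S "$sock" ]; then
        echo not-socket    # path exists but is not a UNIX socket
    else
        echo ok
    fi
}

# List agent sockets owned by the current user under $1 (default /tmp).
# These belong to connections that are still open.
find_agent_socks() {
    dir=${1:-/tmp}
    find "$dir" -maxdepth 2 -type s -user "$(id -un)" \
        -path '*/ssh-*/agent.*' 2>/dev/null
}

# Report the state of this shell's SSH_AUTH_SOCK and, if it is stale,
# print export lines for sockets from live connections.
diagnose() {
    state=$(auth_sock_state "${SSH_AUTH_SOCK:-}")
    echo "SSH_AUTH_SOCK=${SSH_AUTH_SOCK:-} -> $state"
    if [ "$state" != ok ]; then
        echo "sockets from live connections:"
        find_agent_socks /tmp | sed 's/^/  export SSH_AUTH_SOCK=/'
    fi
}

# Usage: source this file in the affected shell on the jump host, then run:
#   diagnose
```

A state of "missing" in the long-lived shell, together with a socket listed from a newer connection, matches the situation the answer describes.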