There is a very similar question that if answered may have been the answer to this question. Unfortunately it's a case of "no need to answer the question I asked because the problem wasn't what I thought it was."
- The server bastion.ec2 accepts an ssh connection from my workstation via
  ssh -i mykey.pem firstname.lastname@example.org
- The server service1.ec2 accepts ssh connections only from bastion.ec2 via
  ssh -i sharedkey.pem email@example.com
- Both keys are only on my workstation so I can't actually do the 2nd command without copying the key over
- For security reasons I want to use ssh-agent forwarding rather than copy ssh keys over to bastion.ec2
This is where you come in. How can I forward a different key for the 2nd connection?
If shareduser had mykey.pub in its ~/.ssh/authorized_keys this would work:
ssh -i mykey.pem firstname.lastname@example.org ssh email@example.com
However, I don't want every user to have to put their public key in every server.
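
One workstation-side `~/.ssh/config` for the setup described above, as an added example that is not part of the original post. It assumes both keys live under `~/.ssh/` and uses `<bastion-user>` as a placeholder for the bastion login name; `ProxyJump` needs OpenSSH 7.3 or later.

```sshconfig
# Hop 1: workstation -> bastion.ec2, authenticated with mykey.pem only.
Host bastion.ec2
    User <bastion-user>                # placeholder, replace with your login
    IdentityFile ~/.ssh/mykey.pem      # assumed location of the key
    IdentitiesOnly yes                 # offer only this key to the bastion
    ForwardAgent no                    # the bastion never gets agent access

# Hop 2: workstation -> service1.ec2, tunnelled through the bastion.
# service1.ec2 sees the TCP connection coming from bastion.ec2, but the
# key exchange and signature with sharedkey.pem happen on the workstation,
# so no private key and no agent socket ever exists on the bastion.
Host service1.ec2
    User shareduser
    IdentityFile ~/.ssh/sharedkey.pem  # assumed location of the key
    IdentitiesOnly yes
    ProxyJump bastion.ec2

# Agent-forwarding variant, if the second ssh must be typed on the bastion:
#   1. on the workstation: ssh-add ~/.ssh/mykey.pem ~/.ssh/sharedkey.pem
#   2. drop the ProxyJump line and set "ForwardAgent yes" under bastion.ec2
#   3. on the bastion: ssh shareduser@service1.ec2
# The forwarded agent offers every loaded key, so sharedkey.pem is used for
# hop 2 without shareduser needing mykey.pub in authorized_keys. While the
# session is open, anyone with root on the bastion can ask the agent to sign.
```

With this in place, `ssh service1.ec2` from the workstation makes both hops in one command.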