agent forwarding is a mechanism whereby an SSH client allows an SSH server to use the local agent on the server, the user logs into, as if it was local there.
We say that the private key is forwarded to the server1 in order to connect from server1 to server2.
When a user request a connection to a second server from an SSH client on a first server server (the server client):
agent and agent forwarding implement then single sign-on
Authenticating with public key "rsa-key-..." from agent
echo "$SSH_AUTH_SOCK"
/tmp/ssh-e6Kf8qZYDv/agent.16521
ssh my-server-hostname
To use agent forwarding:
Normally, no configuration should be made as the default configuration for AllowAgentForwarding is yes. See this page for the default value
You can check it on your server with this command if you are using the sshd server
sshd -T | grep -i allowagentforwarding
allowagentforwarding yes
otherwise you need to change the configuration file with the following value
AllowAgentForwarding yes
Configuration of the ssh client:
Host Server1HostName
ForwardAgent yes
# or for all server
Host *
ForwardAgent yes
Configuration of SSH - Putty (telnet, ssh client) called