On Tue, Feb 9, 2021 at 7:09 AM Passerini Marco <marco.passer...@cscs.ch> wrote:
> From my tests is seems that in Guacamole the ssh-agent is not forwarded > through the terminal. I can configur keys to SSH into a host from the web, > but if from the terminal CLI I want to do SSH to another host, I will need > to re-authenticate. Is this correct? > There is agent forwarding support present, but it depends on a patched libssh2. The libssh2 library does not otherwise provide support for SSH agent forwarding that would be usable by Guacamole. The presence/absence of this support is detected at build time. I saw there's some code about the SSH-agent but I guess it confirms this > behaviour? > > > https://github.com/apache/guacamole-server/blob/c449d83790628182360056d531e7017acd65186b/src/protocols/ssh/ssh_agent.c > > Is there any plan to implement this? > It is already implemented. The code you link to above is the implementation. I haven't checked whether migrating from libssh2 back to libssh would allow this to be implemented without a patch. Guacamole's SSH support was originally built off libssh, and was migrated to libssh2 to implement SSH agent forwarding. Neither library had support for agent forwarding that could be used by Guacamole as-is, but there were patches available for libssh2 that added it. - Mike
