SSH sessions inside remote screens
I have screen(1) running continuously on servers. On some of them, the screen contains ssh sessions to further machines. Because I trust these servers less than my laptop, I don't store secret keys there; I use AgentForwarding on the connection to the server and ssh-add -c $relevant_key on the laptop, so I must confirm each use of the key through the forwarding.

On disconnecting/reconnecting to the server in question, the SSH_AUTH_SOCK variable changes, but remains unchanged inside the long-running screen. ssh from inside screen will prompt for passwords, because the ssh-agent does not respond on the old path. I found no clean solution to propagate the change to the screen windows after re-attaching them.

So I put this in my .profile on the server

    # Only act when this login has a forwarded agent socket.
    test -n "$SSH_AUTH_SOCK"
    if [ $? -eq 0 ]; then
        # Inside screen the variable already names the stable link; leave it alone.
        if [ ! "$SSH_AUTH_SOCK" = "/tmp/ssh-agent-$USER-screen" ]; then
            ln -sf "$SSH_AUTH_SOCK" "/tmp/ssh-agent-$USER-screen"
        fi
    fi

and this line into the .screenrc on the server

    setenv SSH_AUTH_SOCK "/tmp/ssh-agent-$USER-screen"

So all screen windows have SSH_AUTH_SOCK set to the same path always, and when I connect to the server, the shell soft-links that path to the actual socket which is forwarded through ssh to the ssh-agent on my laptop.
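
A variant of the .profile snippet above that keeps the stable link in a directory only the user can write to, since a predictable name in world-writable /tmp can be pre-created by another local user. This is an added example, not the author's code. The ~/.ssh location, the link name agent-screen.sock and the function name refresh_agent_link are assumptions.

```shell
# Added example (not the author's code). Assumed names: refresh_agent_link,
# ~/.ssh as the private directory, agent-screen.sock as the link name.
# Matching .screenrc line: setenv SSH_AUTH_SOCK "$HOME/.ssh/agent-screen.sock"
refresh_agent_link() {
    sock=$1    # socket forwarded for this login, normally $SSH_AUTH_SOCK
    dir=$2     # private directory that holds the stable link
    link="$dir/agent-screen.sock"

    # No forwarded agent on this login: nothing to link.
    [ -n "$sock" ] || return 1
    # Inside screen the variable already names the stable link: leave it.
    [ "$sock" != "$link" ] || return 0
    # Refuse anything that is not a socket (stale path, regular file).
    [ -S "$sock" ] || return 1

    # The directory must be a real directory we own, closed to other users.
    mkdir -p "$dir" || return 1
    if [ -L "$dir" ] || [ ! -O "$dir" ]; then
        return 1
    fi
    chmod 700 "$dir" || return 1

    # -n replaces an existing link instead of following it into its target.
    ln -sfn "$sock" "$link"
}

# In .profile on the server:
refresh_agent_link "${SSH_AUTH_SOCK:-}" "$HOME/.ssh" || true
```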
Mon, 16 May 2016