SSH sessions inside remote screens

I have screen(1) running contineously on servers. On some of them, the screen contains ssh-sessions to further machines. Because i trust these servers less than my laptop, i don't store secret keys there, i use AgentForwarding on the connection to the server and ssh-add -c $relevant_key on the laptop, so i must confirm each use of the key through the forwarding.

On disconnecting/reconnecting to the server in question, the SSH_AUTH_SOCK variable changes, but remains unchanged inside the long-running screen. ssh from inside screen will prompt for passwords, because the ssh-agent does not respond on the old path. i found no clean solution to propagate the change to the screen windows after re-attaching them.

So i put this in my .profile on the server

if [ $? -eq 0 ]; then
        if [ ! $SSH_AUTH_SOCK = "/tmp/ssh-agent-$USER-screen" ]; then
                ln -sf "$SSH_AUTH_SOCK" "/tmp/ssh-agent-$USER-screen"

and this line into the .screenrc on the server

setenv SSH_AUTH_SOCK "/tmp/ssh-agent-$USER-screen"

So all screen windows have SSH_AUTH_SOCK set to the same path always, and when i connect to the server, the shell soft-links that path to the actual socket which is forwarded through ssh to the ssh-agent on my laptop.

Mon, 16 May 2016
[/projects] permanent link