SSH sessions inside remote screens
I have `screen(1)` running continuously on servers. On some of them, the screen contains ssh sessions to further machines. Because I trust these servers less than my laptop, I don't store secret keys there; I use `AgentForwarding` on the connection to the server and `ssh-add -c $relevant_key` on the laptop, so I must confirm each use of the key through the forwarding.
On disconnecting/reconnecting to the server in question, the `SSH_AUTH_SOCK` variable changes, but remains unchanged inside the long-running screen. `screen` will prompt for passwords, because the `ssh-agent` does not respond on the old path. I found no clean solution to propagate the change to the screen windows after re-attaching them.
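So I put this in my `.profile` on the server:

```sh
# Only act when an agent socket was forwarded for this login
if [ -n "$SSH_AUTH_SOCK" ]; then
    # Skip inside screen, where the variable already names the stable link
    if [ "$SSH_AUTH_SOCK" != "/tmp/ssh-agent-$USER-screen" ]; then
        ln -sf "$SSH_AUTH_SOCK" "/tmp/ssh-agent-$USER-screen"
    fi
fi
```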
and this line into the `.screenrc` on the server:

```
setenv SSH_AUTH_SOCK "/tmp/ssh-agent-$USER-screen"
```
So all screen windows have `SSH_AUTH_SOCK` set to the same path always, and when I connect to the server, the shell soft-links that path to the actual socket which is forwarded through `ssh-agent` on my laptop.
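The link name above is predictable and sits in world-writable `/tmp`, where another local account can create that name first and the sticky bit then stops `ln -sf` from replacing it. As an added example (not the author's code), this variant of the `.profile` snippet keeps the link in a private directory and only links to a real socket; the function name `link_agent_socket` and the path `~/.ssh/agent-screen` are assumptions, and the `setenv` line in `.screenrc` has to name the same path.

```sh
# Added example: hardened variant of the .profile snippet above.
# Assumptions: function name and link location (~/.ssh/agent-screen)
# are illustrative; .screenrc must setenv SSH_AUTH_SOCK to the same path.
link_agent_socket() {
    sock=$1
    link=$2
    dir=$(dirname -- "$link")

    # No forwarded agent for this login: nothing to link.
    [ -n "$sock" ] || return 1
    # Inside screen the variable already names the stable link: leave it.
    [ "$sock" != "$link" ] || return 0
    # Only ever point the link at a real UNIX socket.
    [ -S "$sock" ] || return 1

    # Keep the link in a directory only this user can write to.
    mkdir -p -m 700 -- "$dir" || return 1
    # Refuse a symlinked directory or one owned by someone else.
    [ -d "$dir" ] && [ ! -L "$dir" ] && [ -O "$dir" ] || return 1
    chmod 700 -- "$dir" || return 1

    # -n replaces an existing link instead of following it into a directory.
    ln -sfn -- "$sock" "$link"
}

# Call from .profile on every login; does nothing when no agent is forwarded.
link_agent_socket "${SSH_AUTH_SOCK:-}" "$HOME/.ssh/agent-screen" || :
```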
Mon, 16 May 2016