So I've finally got off my arse and bothered looking into what I can do to make sure my ssh-agent is forwarded correctly to my screen sessions. SSHKeychain does most of the hard work on the client side for me, but I'm sick of connecting to something in a server-side screen to find a blazing password prompt. I figured out there is no way to modify the running shell and change the environment variable auto-magically upon screen reconnect; however, I can use a simple command to search for an active ssh-agent and reset the variable for me.
I'm using:
# Find a usable agent
function ssh-reagent () {
    for agent in /tmp/ssh-*/agent.*; do
        export SSH_AUTH_SOCK="$agent"
        # ssh-add -l exits 0 only when the agent answers and holds keys
        if ssh-add -l > /dev/null 2>&1; then
            echo "Found working SSH Agent:"
            ssh-add -l
            return
        fi
    done
    echo "Cannot find ssh agent - maybe you should reconnect and forward it?"
}
ssh-reagent
in my ~/.bashrc - any comments or better suggestions?
I want to create a standard ssh-agent socket location and when ssh-reagenting make sure I update the socket so chained ssh connections in the screen get the benefits too...
October 16 2007, 15:24:14 UTC 4 years ago
October 16 2007, 15:26:09 UTC 4 years ago
October 16 2007, 15:38:09 UTC 4 years ago
... although it is interesting.
I think I'll just make screen export a standard agent location and add a keybinding to update the socket when I reconnect. It would be nice if screen had a trigger on reconnect that I could use to run it automagically... Ah, to be wistful.
October 16 2007, 15:40:55 UTC 4 years ago
October 18 2007, 07:20:35 UTC 4 years ago
October 16 2007, 15:27:43 UTC 4 years ago
in ~/.bashrc
if [ "$TERM" = "screen" -a "`hostname`" = "ellipsis" ] ; then
    alias fixscr='source $HOME/.screen/fixssh'
    alias fixssh='source $HOME/.screen/fixssh'
    alias scp='source $HOME/.screen/fixssh; scp'
    alias ssh='source $HOME/.screen/fixssh; ssh'
else
    alias nscreen='$HOME/.screen/grabssh; screen -c ~/.newscreenrc'
    alias rscreen='$HOME/.screen/grabssh; screen -d -R'
fi
~/.screen/grabssh contains:
#!/bin/sh
SSHVARS="SSH_CLIENT SSH_TTY SSH_AUTH_SOCK SSH_CONNECTION DISPLAY"
for x in ${SSHVARS} ; do
    (eval echo $x=\$$x) | sed 's/=/="/
        s/$/"/
        s/^/export /'
done 1>$HOME/.screen/fixssh
Which fixes things for me, though it's not particularly efficient.
October 18 2007, 07:21:50 UTC 4 years ago
Anonymous
October 17 2007, 05:11:23 UTC 4 years ago
and then rather than "screen -r", I run a script (named ss) of (the screen is named "UCC")
October 17 2007, 05:12:29 UTC 4 years ago
October 17 2007, 17:21:08 UTC 4 years ago
startagent()
{
    ssh-agent > ~/.main-agent
    chmod 600 ~/.main-agent
    source ~/.main-agent
}
if [ -e "$HOME/.use=agent" -a -r "$HOME/.main-agent" ]
then
    source $HOME/.main-agent > /dev/null
fi
in .zshenv, works well. Don't tend to use it much any more, people kept su-ing to me to steal my agent.
October 18 2007, 07:19:09 UTC 4 years ago
My current, further developed, solution:
sam@screen-running-machine:~$ cat /home/sam/.ssh/rc
SSH_AGENT_SOCK=~/.ssh/agent
if [ "$SSH_AUTH_SOCK" -a ! "$SSH_AUTH_SOCK" -ef "$SSH_AGENT_SOCK" ]; then
    ln -fs "$SSH_AUTH_SOCK" "$SSH_AGENT_SOCK"
    export SSH_AUTH_SOCK="$SSH_AGENT_SOCK"
fi
sam@screen-running-machine:~$ cat /home/sam/.ssh/reagent
if ! ssh-add -l > /dev/null 2>&1; then
    for agent in /tmp/ssh-*/agent.*; do
        export SSH_AUTH_SOCK=$agent
        if ssh-add -l > /dev/null 2>&1; then
            # Stop at the first working agent so later candidates do not overwrite it
            break
        fi
    done
fi
sam@screen-running-machine:~$ cat ~/.bashrc
if [ "$TERM" = "screen" ]; then
    export TERM=xterm-color
    if [ -S ~/.ssh/agent ]; then
        export SSH_AUTH_SOCK=~/.ssh/agent
    fi
    # Source the script so its export reaches this shell before ssh runs
    alias ssh=". ~/.ssh/reagent; ssh "
fi
...
Anonymous
November 3 2009, 18:35:27 UTC 2 years ago
Slight improvement
After you start the for loop, you can add this line:
[ -O $agent ] || continue
This will continue the loop if your account isn't the owner of that agent file.
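The ideas from this thread (probe each candidate socket, skip any you do not own, keep a stable ~/.ssh/agent link) combined into one function, as an added example that is not code from the post or from any commenter. The helper names agent_sock_ok and agent_answers and the two optional arguments are assumptions of this example.

```bash
# Added example, not from the thread. Defaults follow the paths used above;
# both arguments are optional overrides (an assumption, to ease testing).

# A candidate is acceptable only if it is a socket we own, inside a directory
# we own (sshd creates /tmp/ssh-XXXX as a private per-user directory).
agent_sock_ok() {
    [ -S "$1" ] && [ -O "$1" ] && [ -O "${1%/*}" ]
}

# Ask the agent at $1 to list its keys. The variable is set for this one
# command only, so the caller's SSH_AUTH_SOCK is untouched while probing.
agent_answers() {
    SSH_AUTH_SOCK="$1" ssh-add -l >/dev/null 2>&1
}

# Point a stable symlink at the first usable agent and export that path.
# Returns 1, leaving the environment as it was, when none is found.
ssh_reagent() {
    local pattern="${1:-/tmp/ssh-*/agent.*}" link="${2:-$HOME/.ssh/agent}" sock
    for sock in $pattern; do          # unquoted on purpose: expand the glob
        agent_sock_ok "$sock" || continue
        agent_answers "$sock" || continue
        ln -sf "$sock" "$link"
        export SSH_AUTH_SOCK="$link"
        return 0
    done
    echo "Cannot find ssh agent - maybe you should reconnect and forward it?" >&2
    return 1
}
```

Define it in ~/.bashrc and run ssh_reagent after reattaching; shells inside screen that already export the link path pick up the new agent without any change.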