ssh-agent through remote host running screen

I spend a lot of time in a terminal. I use a lot of SSH. Sometimes I don’t want to close a terminal with a long-running process, but I live on a netbook. So I use GNU screen running on servers.

One of the things that has been bugging me is that my local ssh-agent, which lets me log in to the remote server without a password prompt, only works in screen when I start a fresh terminal, but not when I reconnect to a running screen session. Since I do that a lot, I figured there had to be a way.

That’s when I came across a post about letting screen apps use the ssh-agent.

In a nutshell, it defines a new per-host SSH_AUTH_SOCK path and symlinks it to the real one.

In my case I just have it do that at login time. So here is what I did.

First create a place to put the new socket link and make sure not everyone can see it.

mkdir -p "$HOME/.screen"
chmod 700 "$HOME/.screen"

Next, add the following to your .bash_profile (assuming bash is your shell):

export HOSTNAME="$(hostname -s)"
ln -sf "$SSH_AUTH_SOCK" "$HOME/.screen/ssh-auth-sock.$HOSTNAME"

and finally augment your .screenrc with the following two lines, which should be fairly early in the file, as I understand.

unsetenv SSH_AUTH_SOCK
setenv SSH_AUTH_SOCK $HOME/.screen/ssh-auth-sock.$HOSTNAME

Now, when you log in, a link to your real SSH_AUTH_SOCK is created, which is referenced inside screen when you start up a fresh screen session. Any new screen window will know where to find it, and even when you reattach to it from the wireless access point at the tire store, the agent will forward.
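
The login-time link has two edge cases worth guarding: a login with no forwarded agent, and a login shell started inside screen, where SSH_AUTH_SOCK is already the link path rather than a real agent socket. A guarded variant for .bash_profile, added here as an example and not part of the original post; the function name link_agent_sock and its optional directory argument are assumptions:

```bash
# Added example for ~/.bash_profile. link_agent_sock is a hypothetical helper
# name; the link path layout is the one used in the post.
export HOSTNAME="$(hostname -s)"

# link_agent_sock [dir]
# Point dir/ssh-auth-sock.$HOSTNAME at this login's forwarded agent socket.
# Returns 0 if the link was (re)created, 1 if nothing was touched.
link_agent_sock() {
    _las_dir="${1:-$HOME/.screen}"
    _las_link="$_las_dir/ssh-auth-sock.$HOSTNAME"

    # No agent on this login (console login, ssh without -A):
    # leave any link made by an earlier, still-open connection alone.
    [ -n "${SSH_AUTH_SOCK:-}" ] || return 1

    # Login shell started inside screen: SSH_AUTH_SOCK is already the link,
    # and linking it again could leave the link referring to itself.
    [ "$SSH_AUTH_SOCK" != "$_las_link" ] || return 1

    # Only link to something that really is a socket.
    [ -S "$SSH_AUTH_SOCK" ] || return 1

    # Directory accessible to the owner only, as in the post.
    mkdir -p "$_las_dir" && chmod 700 "$_las_dir" || return 1

    ln -sf "$SSH_AUTH_SOCK" "$_las_link"
}

# Run at login; a refusal is not an error for the login itself.
link_agent_sock || true
```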

Oh, and make sure you either use ssh -A or just add the following to your .ssh/config:

ForwardAgent yes

Voilà, remote-hopping-bliss.

