Thursday, February 16, 2012

Configuring GNU Screen: Retain ssh-agent access when a session is reattached

For those that use screen a common problem is to "lose" your ssh-agent after ending an ssh session.

The Problem

1. ssh to a remote server and start screen for the first time.

What happens is screen starts and all your shells in screen capture the value of SSH_AUTH_SOCK at that time.  You can access your agent because the value of the environment variable in each shell is current.

2. Detach from screen and exit from your ssh session.

screen is still running on the remote server (along with all your shells).

3. ssh to the remote server and reattach to the running screen.

So now you've reattached, but the environment variable SSH_AUTH_SOCK in each of your running shells is out of date. As a result you can't access your ssh-agent from your shells unless you update SSH_AUTH_SOCK.

The Solution
  1. Open up the shell config file you store your aliases in. ie. vim ~/.bashrc
  2. Add an alias for screen that will transparently update the auth-sock location to the same location every time.
alias screen='ln -sf $SSH_AUTH_SOCK $HOME/.ssh-auth-sock; env SSH_AUTH_SOCK=$HOME/.ssh-auth-sock screen'