ssh-agent and screen

[splintax]

I'm curious to know how other UCC members are currently using ssh-agent with screen.

I found this page by "peter", which has what seems like an ideal solution for running the agent even when screen is backgrounded

Comments

[ext_3201]

I use different keys for every device, so my home PC has a set, I have a set at UCC, a set on my laptop, and so on. This has the advantage that when I lose my USB stick, like I did a few months back, I can just revoke that key and keep using the same set on everything else.

Passwordless private keys is a very, very bad habit to get into, although it's fine at UCC on machines that mount /home if you're only using it to access UCC systems.

[splintax]

See, I've never really understood why unencrypted private keys are as terrible as people make them out to be. As long as you don't ever give other people access to them (or, enough access for them to copy them to a remote location), they're no less secure than keeping the keys in memory, right?

[ext_3201]

Good luck with that preventing access thing.

[ext_3201]

Also, WRT ssh-agent(1) and screen(1), I prefer keychain(1).

[ext_39666]

In my .zshrc I have

export OLD_SSH_AUTH=$SSH_AUTH_SOCK
export SSH_AUTH_SOCK=~/.ssh/auth/$HOST-ssauth

Then I have a program ~/bin/ss that I run instead of 'screen -r':

#!/bin/zsh
rm -f ~/.ssh/auth/$HOST-ssauth
ln -s $OLD_SSH_AUTH ~/.ssh/auth/$HOST-ssauth
screen -rd -S ucc

(the -S ucc is so that if I have other special-purpose screens then they don't get interfered with). SSHKeychain for os x is useful.