Create and maintain custom symbolic link to a recent, valid SSH_AUTH_SOCK
#13
Labels
Platform: Unix 🐧
Related to Unix/Linux-specifics
Target: Communication protocol 💬⚠️
A part of the core library which deals with client-server messaging
Target: Core 💥
Core architectural support library
Target: Reference implementation 📃
The "official" Client & Server implementations
A common problem occurs over elongated uses of Monomux where the user forwards the SSH Agent and starts a session with the environment in one forwarded connection (SSH_AUTH_SOCK=/tmp/sshd-..../agent). When the connection terminates, the Agent socket is deleted, but the running session still points to it. The next connection just attaches to the session and tries to use the invalidated agent.

At least for the common case of SSH (luckily the Agent is a socket file that we can symlink and such...) we should create a path which we inject as SSH_AUTH_SOCK into the spawned sessions. Every time a client attaches to the server successfully, we should ask the client what its SSH_AUTH_SOCK is, and during the connection process, set the symlink to this path.

This way, the sessions will always see the latest attached client's SSH Agent, which might not be the best solution if multiple connections exist in parallel, but still somewhat better than only the first connection working...
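One way to implement the symlink update proposed in this issue, as an added example that is not Monomux's own code: the server validates the SSH_AUTH_SOCK path reported by the attaching client before repointing the stable link, and swaps the link atomically so running sessions never see a missing path. The function names are hypothetical, and the example assumes the link lives in a directory that only the session's user can write to.

```cpp
// Added example, not part of Monomux. All names here are hypothetical.
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>
#include <cstdio>
#include <cstring>
#include <string>

// True if Path is a Unix socket owned by us that still accepts connections.
// A socket file left behind by a dead agent fails the connect() probe.
bool isLiveAgentSocket(const std::string& Path) {
  struct stat St{};
  if (::stat(Path.c_str(), &St) != 0 || !S_ISSOCK(St.st_mode) ||
      St.st_uid != ::geteuid())
    return false;
  sockaddr_un Addr{};
  Addr.sun_family = AF_UNIX;
  if (Path.size() >= sizeof(Addr.sun_path))
    return false;
  std::memcpy(Addr.sun_path, Path.c_str(), Path.size() + 1);
  int Fd = ::socket(AF_UNIX, SOCK_STREAM, 0);
  if (Fd < 0)
    return false;
  bool Ok =
      ::connect(Fd, reinterpret_cast<sockaddr*>(&Addr), sizeof(Addr)) == 0;
  ::close(Fd);
  return Ok;
}

// Points Link (the path injected as SSH_AUTH_SOCK into sessions) at the
// attaching client's socket. The previous link is kept if validation fails.
bool repointAgentLink(const std::string& Link, const std::string& ClientSock) {
  if (!isLiveAgentSocket(ClientSock))
    return false;
  std::string Tmp = Link + ".tmp." + std::to_string(::getpid());
  ::unlink(Tmp.c_str()); // Leftover from a crashed earlier attempt, if any.
  if (::symlink(ClientSock.c_str(), Tmp.c_str()) != 0)
    return false;
  // rename() replaces the old symlink itself in one atomic step.
  if (std::rename(Tmp.c_str(), Link.c_str()) != 0) {
    ::unlink(Tmp.c_str());
    return false;
  }
  return true;
}
```

Keeping the old link on a failed validation means a client that attaches without a forwarded agent does not take a working agent away from sessions that already have one.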