Diff for "yellow/UsingScreen"

Not logged in - Log In / Register
Differences between revisions 3 and 4
Revision 3 as of 2011-08-26 18:54:40
Size: 1960
Editor: bac
Comment:
Revision 4 as of 2012-02-02 13:50:39
Size: 2300
Editor: gmb
Comment:
Deletions are marked like this. Additions are marked like this.
Line 31: Line 31:
   * gmb has written a simple script that will grab the SSH keys of a given LP user for you and echo them out to STDOUT:
{{{
 $ bzr --no-plugins cat http://bazaar.launchpad.net/~gmb/+junk/get-lp-ssh-keys/get-lp-ssh-keys.py
 $ chmod +x get-lp-ssh-keys.py
 $ ./get-lp-ssh-keys $LP_USER_1 $LP_USER_2 >> /path/to/.ssh/authorized_keys
}}}

Notes on using screen to collaborate

Scenario:

  • Alice wants to collaborate with Bob.
  • Her home network is called alice.net and she has two machines, edge and dev.
  • Port 22 on alice.net is open and forwards to edge.
  • Dev is not exposed through her router. It is the machine where she does her work and wants to allow collaboration.

  • Alice wants to use screen to share a terminal session with Bob.

Setup:

  • On edge Alice creates a user account guest that will be used by Bob.

  • Alice does the following to create a reverse tunnel from dev to edge:

    • ssh -N -R '*:2200:localhost:22' edge

  • Bob will be connecting to port 2200 so Alice must open that port on her router and forward it to edge.
  • To use screen in multiuser mode, it must run as root with setuid. Alice must do the following on dev:

    • sudo chmod +s /usr/bin/screen

    • sudo chmod 755 /var/run/screen

Sharing a screen:

  • Alice starts screen screen -S shared. She then does the required configuration:

    • ctl-a :multiuser on

    • ctl-a :acladd guest

  • Bob connects by using ssh -p 2200 guest@alice.net

  • He'll be prompted for the guest user UNIX password.

  • Once logged in he connects to the screen using screen -x alice/shared

Next steps:

  • Get per user credentials to work as shown in the LOSA guide

    • Our scenario is more complicated in that Alice doesn't want to allow Bob to connect using her account. She also doesn't want to work in a dumbed-down guest account. What to do?
    • The user files in a normal SSH set up are in /home/$user/.ssh/authorized_keys, not in /etc/ssh/user-authorized-keys as shown in the LOSA write up.
    • gmb has written a simple script that will grab the SSH keys of a given LP user for you and echo them out to STDOUT: 

 $ bzr --no-plugins cat http://bazaar.launchpad.net/~gmb/+junk/get-lp-ssh-keys/get-lp-ssh-keys.py
 $ chmod +x get-lp-ssh-keys.py
 $ ./get-lp-ssh-keys $LP_USER_1 $LP_USER_2 >> /path/to/.ssh/authorized_keys

Tips:

  • Add to ~/.screenrc for better color handling term screen-256color

References:

yellow/UsingScreen (last edited 2012-02-02 13:52:11 by gmb)