I’m setting up a new system, and I always create a new key when I bulid a new desktop… Having not done it in a few years, I wanted to see what the recomended ssh key looks like these days.

I have an update to my [previous article]{screen-ssh-agent} on forwarding [ssh-agent]{tag/ssh} through [screen]{tag/screen}. I’ve since switched to [zsh]{tag/zsh} and am now forwarding the X DISPLAY environment variable through to the screen shell.

You can grab my ~/.zsh.d/S51_screen, ~/.zsh.d/S60_prompt, and ~/.screenrc or read below.

I have been wondering for a while how to do this… How to pass the ssh-agent variables to screen clients. After doing a google search on it I found a couple of solutions:

• grabssh/fixssh - two scripts that save the ssh agent environment variables and restore them;
• screen_agent - this just executes an ssh-agent that is used by the screen session;
• fixx - ok, this actually fixes X forwarding not ssh-agent and is a variation on the first;

Then I came across Alexander Neumann’s blog entry which is the perfect solution. He simply redefines the SSH_AUTH_SOCK variable and makes it point to a symlink that he creates when he logs in. This means that this method works when you’re sshing into a machine running screen. I will just have to overwrite this symlink when screen is being launched.

Long time ago, I wrote a brief howto on SSH + PPP = VPN (don’t use it). Today I found out that as of version 3.4 OpenSSH supports VPN features. That is, you can create a tun device and route packets through your ssh connection.

That’s pretty neat if you only have ssh to go with. But pretty crappy because you need root on both ends, and if you have root on both ends you can gowith IPSEC or OpenVPN/tinc/cipe/etc.