2014-01-31T18:05:49Z Photos, electronics, cnc, and more Jeff Eplerjepler@unpythonic.net 2014-01-31T18:05:49Z 2014-01-31T18:05:49Z https://gamma.unpythonic.net/01391191549 I love <a href="http://mosh.mit.edu">mosh</a>, using it to connect to a long-lived screen session from multiple computers (laptop, chromebook, $DAY_JOB, and phone). <p>One problem with it is that a <tt >mosh-server</tt> process that has no living client will linger for a very long time (forever?). This can happen for various reasons, such as letting a device's battery run down. <p>With some brainstorming help from the participants from #mosh, I came up with a way to automatically kill old mosh-server processes that probably represented defunct clients without killing ones that may represent working clients. <p>For a long time, my basic setup has been to run a command equivalent to: <tt >mosh myserver -- bin/cs</tt> where cs is a script which sets some environment variables and ends with <tt >exec screen</tt>, so I already had an excellent location to put cleanup code. <p>I also felt that the cleanup rule I wanted was: kill all mosh-server processes started from the same client. $SSH_CLIENT was suggested for this, but it's not useful since my portable devices naturally connect from different networks with different IP addresses (that's the point of mosh after all!) So I jumped to the conclusion that I needed a unique identifier. Why not involve a UUID? <p>As soon as I realized I needed to pass the UUID on the commandline or environment of <tt >cs</tt>, I realized that meant it would show up in the <tt > mosh-server</tt> commandline. So that led to the following snippet: ($i is already identified as being the UUID= argument): <pre > ps h --sort start_time -o pid,command -C mosh-server | grep &quot;$i&quot; | head --lines=-1 | awk '{print $1}' | xargs --no-run-if-empty -n 1 --verbose kill </pre> <p>That seems to work! One final wrinkle, though: In mosh irssi connectbot, there's no way to specify the mosh commandline directly. Hoever, there is &quot;Requested mosh server&quot;. I created a wrapper script reading: <pre > #!/bin/sh exec mosh-server &quot;$@&quot; -- bin/cs UUID=... </pre> and used that script (with full path, in my case) as the configuration value. <p>Now I shouldn't have to worry about mosh-server processes piling up on my main linux box anymore. 2005-12-18T03:49:33Z 2005-12-18T03:49:33Z https://gamma.unpythonic.net/software/01134877773 <div style="float:right;clear:right"><!-- pam-ssh.png--><div class=albumouter style=width:306px id=><div class=albumimage style="width:306px;margin-left:0.0px;"><img src="https://media.unpythonic.net/emergent-files/software/01134877773/pam-ssh.png"><br><span>A console login mediated by pam_ssh</span></div></div> </div> This is neat. <a href="http://pam-ssh.sourceforge.net/">pam_ssh</a> &quot;provides single sign-on behavior for SSH. The user types an SSH passphrase when logging in (probably to GDM, KDM, or XDM) and is authenticated if the passphrase successfully decrypts the user's SSH private key. In the PAM session phase, an ssh-agent process is started and keys are added. For the entire session, the user can SSH to other hosts that accept key authentication without typing any passwords.&quot; <p>The only snag I ran into on FC2 was that the script in <tt> /etc/X11/xdm/Xsession</tt> unconditionally started a fresh ssh-agent, even if <tt> $SSH_AGENT_PID</tt> was already set. I changed the SSHAGENT= line to read <span class=indent><tt>[ -x /usr/bin/ssh-agent &amp;&amp; -z &quot;$SSH_AGENT_PID&quot; ] &amp;&amp; SSHAGENT=&quot;/usr/bin/ssh-agent&quot;</tt></span> and then everything worked. I'm now using it for console and gdm logins on one of my machines. <p>On FC2 I built the rpm from the tarball. It looks like FC4 has one available via yum. <p><b>Update 2006/01/09:</b> I was having trouble with pam_ssh not leaving an ssh-agent running the next time I logged in after a crash (dead battery). I discovered that the problem was that leftover <tt>~/.ssh/agent-*</tt> files would trick pam_ssh into thinking that an appropriate ssh-agent was already running. I now remove these files in /etc/rc.local when booting.