unpythonic.net

Jeff Epler's blog

About me

I've been a computer programmer since I first started typing in program listings on a Commodore Vic 20 when I was about 8. My hobbies include electronics, CNC manufacturing, photography, beer and winemaking.

I live with my wife and lots of left-over parts from unfinished projects in Lincoln, Nebraska, USA.

BlurBlog

Updates and PyCon News
Vacancies are a Red Herring
Saturday Morning Breakfast Cereal - The Test
Ocean Spray Emits More PFAS Than Industrial Polluters, Study Finds
Relatively Universal ROM Programmer Makes Retro Tech Hacking Accessible
CFPB Takes Action Against Coding Boot Camp BloomTech and CEO Austen Allred for Deceiving Students and Hiding Loan Costs | Consumer Financial Protection Bureau
Farewell to HD Atlas
On AI agents: how are these digital butlers supposed to get paid?
Arctic region of Norway asks EU Commission for 26-hour day
Security Alert: Potential SSH Backdoor Via Liblzma
Thousand Day Celebrations
Star Trek: Prodigy Season 2 Releases Early In France
ADABOX 020 UNBOXING LIVE on Ask an Engineer TONIGHT! 3/20/24
CircuitPython 9.0.0 Released!
STFU Sandwich - aka Steak Sandwich - You Suck at Cooking (episode 168)
Was Nosediving Boeing Plane Caused By a Flight Attendant Hitting a Motorized Seat Switch?
Craig Wright Is Not Bitcoin Creator Satoshi Nakamoto, Judge Declares
Share Your Projects: KiCad Automations And Pretty Renders
The GPT-4 barrier has finally been smashed
CircuitPython 9.0.0 Release Candidate 0 Released!
31 January 2014, 18:05 UTC

Mosh automatic cleanup of dead sessions


I love mosh, using it to connect to a long-lived screen session from multiple computers (laptop, chromebook, $DAY_JOB, and phone).

One problem with it is that a mosh-server process that has no living client will linger for a very long time (forever?). This can happen for various reasons, such as letting a device's battery run down.

With some brainstorming help from the participants from #mosh, I came up with a way to automatically kill old mosh-server processes that probably represented defunct clients without killing ones that may represent working clients.

For a long time, my basic setup has been to run a command equivalent to: mosh myserver -- bin/cs where cs is a script which sets some environment variables and ends with exec screen, so I already had an excellent location to put cleanup code.

I also felt that the cleanup rule I wanted was: kill all mosh-server processes started from the same client. $SSH_CLIENT was suggested for this, but it's not useful since my portable devices naturally connect from different networks with different IP addresses (that's the point of mosh after all!) So I jumped to the conclusion that I needed a unique identifier. Why not involve a UUID?

As soon as I realized I needed to pass the UUID on the commandline or environment of cs, I realized that meant it would show up in the mosh-server commandline. So that led to the following snippet: ($i is already identified as being the UUID= argument): 

    ps h --sort start_time -o pid,command -C mosh-server |
        grep "$i" |
        head --lines=-1 |
        awk '{print $1}' |
        xargs --no-run-if-empty -n 1 --verbose kill

That seems to work! One final wrinkle, though: In mosh irssi connectbot, there's no way to specify the mosh commandline directly. Hoever, there is "Requested mosh server". I created a wrapper script reading: 

#!/bin/sh
exec mosh-server "$@" -- bin/cs UUID=...
and used that script (with full path, in my case) as the configuration value.

Now I shouldn't have to worry about mosh-server processes piling up on my main linux box anymore.

[permalink]

18 December 2005, 3:49 UTC in software

pam_ssh



A console login mediated by pam_ssh
This is neat. pam_ssh "provides single sign-on behavior for SSH. The user types an SSH passphrase when logging in (probably to GDM, KDM, or XDM) and is authenticated if the passphrase successfully decrypts the user's SSH private key. In the PAM session phase, an ssh-agent process is started and keys are added. For the entire session, the user can SSH to other hosts that accept key authentication without typing any passwords."

The only snag I ran into on FC2 was that the script in /etc/X11/xdm/Xsession unconditionally started a fresh ssh-agent, even if $SSH_AGENT_PID was already set. I changed the SSHAGENT= line to read [ -x /usr/bin/ssh-agent && -z "$SSH_AGENT_PID" ] && SSHAGENT="/usr/bin/ssh-agent" and then everything worked. I'm now using it for console and gdm logins on one of my machines.

On FC2 I built the rpm from the tarball. It looks like FC4 has one available via yum.

Update 2006/01/09: I was having trouble with pam_ssh not leaving an ssh-agent running the next time I logged in after a crash (dead battery). I discovered that the problem was that leftover ~/.ssh/agent-* files would trick pam_ssh into thinking that an appropriate ssh-agent was already running. I now remove these files in /etc/rc.local when booting.

[permalink]

All older entries
Website Copyright © 2004-2024 Jeff Epler