Monitoring remote assistance with GNU Screen in Linux

In the daily maintenance of servers it is often necessary to give access to a tech-support company or agency to access your server using SSH.
Once they are logged in you’re not able to monitor what they are doing unless you use screen.

Follow the steps below to use screen to attach your terminal window to the same screen session as the remote ssh session:

1. Force Auto Screen on SSH login by adding the following snippet at the top of ~/.bashrc. Based on http://taint.org/wk/RemoteLoginAutoScreen:

if [ "$PS1" != "" -a "${STARTED_SCREEN:-x}" = x -a "${SSH_TTY:-x}" != x ]
then
  STARTED_SCREEN=1 ; export STARTED_SCREEN
  [ -d $HOME/lib/screen-logs ] || mkdir -p $HOME/lib/screen-logs
  sleep 1
  screen -RR && exit 0
  # normally, execution of this rc script ends here...
  echo "Screen failed! continuing with normal bash startup"
fi
# [end of auto-screen snippet]

This forces the remote user to automatically start a screen session on SSH login.

2. Open up a new terminal window on the server and switch to the same user used by the remote agency:

# su - remoteuser

3. Attatch screen to the same session:

$ screen -x

Both terminal windows are now synchronized. This means that you will be able not only to see what’s the remote user is typing but to take control over your own terminal window and issue any command too. The remote user will also see what you are doing.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s