My situation:
- There are several servers on my LAN which I do not administer
- I access them using SSH for sshfs, shells, and remote X11 apps
- I have set ControlMaster auto in my ~/.ssh/config file so I don’t experience authentication lag
- I use Compression and fast/weak Ciphers since I’m either on a private LAN or using VPN
- Wherever possible, I have exported my (passwordless) public RSA key to the servers

I’ve started using autofs to make my life easier, but autofs wants to run all of its mount commands as root. I can, of course, generate a new RSA keypair as root and export that, and also replicate my own ~/.ssh/config options to the superuser’s config file, but I’d rather not maintain two copies of these things, and it doesn’t solve my desire to have only one open SSH connection to each host. Therefore, I want to have autofs run sshfs as an unprivileged user, just like it does when manually invoked at the terminal.

I’ve looked into autofs scripts, but those don’t appear to be a solution to my problem. Any suggestions?

Answer
JFTR, I’ve modified (and simplified) ssh_user so that it first tries to contact the user’s ssh-agent:

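#!/bin/bash
# Open an ssh connection as a given user, thus using his/her authentication
# agent and/or config files.
: "${ADDOPTS:=-2Ax}"
: "${LOCAL:=kreator}"
# Use the last ssh-agent socket that find reports for ${LOCAL}, if any
SSH_AUTH_SOCK=$(find /tmp/ssh-* -type s -user "${LOCAL}" -name 'agent*' | tail -1)
export SSH_AUTH_SOCK
declare -a options=( "$@" )
# Remove unwanted options
for (( i=0,fin=${#options[*]} ; i < fin ; i++ ))
do
    case "${options[$i]}" in
        (-a|-oClearAllForwardings=*) unset "options[$i]"
        ;;
    esac
done
# Quote every word so the shell started by su sees the original arguments
# unchanged (ADDOPTS is left unquoted on purpose so it splits into flags)
printf -v cmd '%q ' "$(command -v ssh)" ${ADDOPTS} "${options[@]}"
exec /bin/su "${LOCAL}" -c "${cmd}"
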
Attribution
Source: Link, Question Author: billyjmc, Answer Author: kreator