Multiplayer terminals with Screen
I recently wanted to share a Vim session over the internet. I could have used screen sharing software, however this isn't ideal because it's bandwidth heavy. In the end I used GNU Screen and OpenSSH which worked surprisingly well.
Software installation
Screen is packaged for most Linux distributions. For CentOS, it was just a case of installing Screen with the package manager:
$ sudo yum install screen
Note: OpenSSH was already installed and running, so no additional setup was required.
Using a shared account
The easiest way to share a screen session is with a shared account. This obviously assumes you're happy with the other person having full access to the account. The first thing to do is set up key based authentication to allow the remote user to log in:
[bob@example ~]$ [ -d .ssh ] || install --directory .ssh --mode 0700
[bob@example ~]$ vim .ssh/authorized_keys
[bob@example ~]$ chmod 600 .ssh/authorized_keys
[bob@example ~]$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDP2Klt8QCrBBy0VWDk4Pp8J25TjRLEUp+bf87u1gH8nz/TOB2VAjgQL+cAmV9t37fzadm9qZVm1gGS4K2awAVwWkl+/X5nV2NoshADcYUTR3JcaVQaWeATBgd2zoBpwoKg63wTHvF4eLP6UDKoWiBFO7yqsytx+hxYlqalWzOqergowiSXN57J1C31G0hSfQFY5S+Ed4oum7K1vrL2SFsmIYqvqZ2QufRuM1KZUR13wWV2LSQqt2kU3AicOM8YIWRwcKAggqAn5PxapNLTBgNWuZ/YeC/zA79IfIq8PDjvWsrG/6hLfmkfyC1QrgLsNtoX4FsbRxEX7HTGXuqXVuhP alice
At this point the remote user should be able to connect into the shared account:
[alice@example ~]$ ssh bob@example
Last login: Wed Nov 23 21:05:21 2016 from localhost
[bob@example ~]$
Once the remote user can connect successfully, start a named screen session:
[bob@example ~]$ screen -S shared
In the screen session press the command key sequence ( ctrl +
a ), then type :multiuser on to enable multiuser mode. At this
point the remote user should be able to connect and join the screen session:
[alice@example ~]$ ssh -t bob@example screen -x bob/shared
Note: the -t option is required to ensure a tty is allocated. If you
miss this option you will get the following error message from screen:
Must be connected to a terminal.
Using different user accounts
It's also possible to use a different user account, however it requires a little work under CentOS. The first thing to do is start a named screen session:
[bob@example ~]$ screen -S shared
Once your screen session is up, enable multiuser mode:
ctrl + a
:multiuser on
And whitelist the second user:
ctrl + a
:acladd alicce
At this point if the second user tries to connect, they will get the following error message:
[alice@example ~]$ screen -x bob/shared
Must run suid root for multiuser support.
On CentOS, the screen setuid bit has been disabled for a long time:
$ rpm -q --changelog screen|grep -B1 setuid
* Wed Apr 07 1999 Erik Troan <[email protected]>
- patched in utempter support, turned off setuid bit
To re-enable multiuser support, run the following as root:
chmod u+s /usr/bin/screen
chmod 755 /var/run/screen
sed 's/775/755/' /usr/lib/tmpfiles.d/screen.conf > /etc/tmpfiles.d/screen.conf
Note: the tmpfiles.d config needs to be modified to make
the permissions change to /var/run/screen persistent.
The second user should now be able to join the screen session:
[alice@example ~]$ screen -x bob/shared
Although this method works, it's not ideal for a couple of reasons:
- The permissions changes will be reverted by the package manager when screen is updated.
- Arguably, having the setuid bit set is a security risk.
Stop barking at me
If you regularly hit tab, you might notice the following message:
Wuff ---- Wuff!!
Weirdly enough this is the default visual bell message in screen. You can switch to using an audible bell by pressing ctrl + a, followed by ctrl + g.
Alternatively you can redefine the bell message to effectively hide it:
ctrl + a
:vbell_msg ""