Floating Octothorpe

Multiplayer terminals with Screen

I recently wanted to share a Vim session over the internet. I could have used screen sharing software, however this isn't ideal because it's bandwidth heavy. In the end I used GNU Screen and OpenSSH which worked surprisingly well.

Software installation

Screen is packaged for most Linux distributions. For CentOS, it was just a case of installing Screen with the package manager:

$ sudo yum install screen

Note: OpenSSH was already installed and running, so no additional setup was required.

Using a shared account

The easiest way to share a screen session is with a shared account. This obviously assumes you're happy with the other person having full access to the account. The first thing to do is set up key based authentication to allow the remote user to log in:

[[email protected] ~]$ [ -d .ssh ] || install --directory .ssh --mode 0700
[[email protected] ~]$ vim .ssh/authorized_keys
[[email protected] ~]$ chmod 600 .ssh/authorized_keys
[[email protected] ~]$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDP2Klt8QCrBBy0VWDk4Pp8J25TjRLEUp+bf87u1gH8nz/TOB2VAjgQL+cAmV9t37fzadm9qZVm1gGS4K2awAVwWkl+/X5nV2NoshADcYUTR3JcaVQaWeATBgd2zoBpwoKg63wTHvF4eLP6UDKoWiBFO7yqsytx+hxYlqalWzOqergowiSXN57J1C31G0hSfQFY5S+Ed4oum7K1vrL2SFsmIYqvqZ2QufRuM1KZUR13wWV2LSQqt2kU3AicOM8YIWRwcKAggqAn5PxapNLTBgNWuZ/YeC/zA79IfIq8PDjvWsrG/6hLfmkfyC1QrgLsNtoX4FsbRxEX7HTGXuqXVuhP alice

At this point the remote user should be able to connect into the shared account:

[[email protected] ~]$ ssh [email protected]
Last login: Wed Nov 23 21:05:21 2016 from localhost
[[email protected] ~]$

Once the remote user can connect successfully, start a named screen session:

[[email protected] ~]$ screen -S shared

In the screen session press the command key sequence ( ctrl + a ), then type :multiuser on to enable multiuser mode. At this point the remote user should be able to connect and join the screen session:

[[email protected] ~]$ ssh -t [email protected] screen -x bob/shared

Note: the -t option is required to ensure a tty is allocated. If you miss this option you will get the following error message from screen: Must be connected to a terminal.

Using different user accounts

It's also possible to use a different user account, however it requires a little work under CentOS. The first thing to do is start a named screen session:

[[email protected] ~]$ screen -S shared

Once your screen session is up, enable multiuser mode:

ctrl + a
:multiuser on

And whitelist the second user:

ctrl + a
:acladd alicce

At this point if the second user tries to connect, they will get the following error message:

[[email protected] ~]$ screen -x bob/shared
Must run suid root for multiuser support.

On CentOS, the screen setuid bit has been disabled for a long time:

$ rpm -q --changelog screen|grep -B1 setuid
* Wed Apr 07 1999 Erik Troan <[email protected]>
- patched in utempter support, turned off setuid bit

To re-enable multiuser support, run the following as root:

chmod u+s /usr/bin/screen
chmod 755 /var/run/screen
sed 's/775/755/' /usr/lib/tmpfiles.d/screen.conf > /etc/tmpfiles.d/screen.conf

Note: the tmpfiles.d config needs to be modified to make the permissions change to /var/run/screen persistent.

The second user should now be able to join the screen session:

[[email protected] ~]$ screen -x bob/shared

Although this method works, it's not ideal for a couple of reasons:

  1. The permissions changes will be reverted by the package manager when screen is updated.
  2. Arguably, having the setuid bit set is a security risk.

Stop barking at me

If you regularly hit tab, you might notice the following message:

Wuff  ----  Wuff!!

Weirdly enough this is the default visual bell message in screen. You can switch to using an audible bell by pressing ctrl + a, followed by ctrl + g.

Alternatively you can redefine the bell message to effectively hide it:

ctrl + a
:vbell_msg ""