Screen and ssh agent
Nov. 13th, 2009 06:28 pm
I've generally found GNU screen to be invaluable when working over slow or unreliable network connections. Multiplex mode makes it easy to run multiple sessions from a single login shell; while the ability to reattach to existing sessions means that, should the network connection drop out for any reason, you can pick up from where you left off simply by logging back in and restarting screen.
But there are a few minor problems with detaching and reattaching screen sessions when using ssh-agent.
In order to perform public/private key authentication via an agent, ssh requires access to a Unix domain socket file on the local machine. The location of the socket is set in the SSH_AUTH_SOCK environment variable. The location also changes from one login session to another. This means a screen session started from a particular login shell will inherit its value of SSH_AUTH_SOCK and will only be able to authenticate via ssh agent as long as the login persists. Detach the session and reconnect from another shell and, if the original login has exited, automatic authentication will no longer work.
Fed up with this, I've added some code to my bash profile to set up a symbolic link from a fixed location to the login-specific authentication socket and added some code to my screen setup routines to change the value of SSH_AUTH_SOCK to point to the symlink. This makes it possible for screen to continue to use ssh agent authentication despite detaches but it also introduces another minor wrinkle — subsequent logins on the same system result in the link being updated, which means that exiting the most recent login will cause authentication to break.
I wonder if, on balance, it might be better to try and fix the problem by wrapping the screen command in a bash function that updates the link prior to the start of every new screen session. Hmm...
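
One way to write the wrapper function considered above, as an added example rather than the code from the original profile. The link path `~/.ssh/agent.sock` and the helper names `is_socket` and `refresh_agent_link` are assumptions; the link is kept in a directory only the user can write to, and it is never pointed at itself when the function is called from inside a screen window.

```bash
# Added example; AGENT_LINK and the helper names are assumptions.
AGENT_LINK="${AGENT_LINK:-$HOME/.ssh/agent.sock}"

# True if $1 resolves to a Unix domain socket (symlinks are followed).
is_socket() { [ -S "$1" ]; }

# Repoint AGENT_LINK at this login's agent socket.
# Returns 0 if the link ends up usable, non-zero otherwise.
refresh_agent_link() {
    # Inside screen SSH_AUTH_SOCK is already the link: never link it to itself.
    if [ "${SSH_AUTH_SOCK:-}" = "$AGENT_LINK" ]; then
        is_socket "$AGENT_LINK"; return
    fi
    # No usable agent in this login: leave the existing link alone.
    if [ -z "${SSH_AUTH_SOCK:-}" ] || ! is_socket "$SSH_AUTH_SOCK"; then
        is_socket "$AGENT_LINK"; return
    fi
    # Keep the link in a directory that other users cannot write to.
    mkdir -p "$(dirname "$AGENT_LINK")" &&
        chmod 700 "$(dirname "$AGENT_LINK")" || return 1
    # -n replaces the link itself instead of following it.
    ln -sfn "$SSH_AUTH_SOCK" "$AGENT_LINK"
}

# Wrapper: refresh the link, then start or reattach screen using the fixed path.
screen() {
    if refresh_agent_link; then
        SSH_AUTH_SOCK="$AGENT_LINK" command screen "$@"
    else
        command screen "$@"
    fi
}
```

Because the link is refreshed when screen is started or reattached rather than at every login, a later login that never runs screen leaves the link untouched.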