[X2Go-Dev] Bug#672: SSH-Agent-Forwarding in pyhoca-gui does not survive reconnects

[Robert Siemer]

Package: x2goserver
Version: 4.0.1.18


Pyhoca-gui supports SSH-agent-forwarding, but that doesn’t survive a 
reconnect with session resumption. As far as I understand the following 
happens:

(-pyhoca is configured to do SSH-agent-forwarding)
-pyhoca connects via SSH to the X2Go server
-the sshd creates a unix domain socket in /tmp/ssh-XXXXXX/agend.PID
-the sshd sets SSH_AUTH_SOCKET containing the name of the socket
-sshd starts whatever is requests by the X2Go client having that environment
-SSH-agent-forwarding works

whenever the SSH-connection dies (proper session suspend with disconnect 
or connection is “cut”) it continues like this:

-SSH is connected again
-unix domain socket and environment is set up, but
-the programs (the X11 clients in a resumed X2Go session) are still 
running in the old environment with outdated SSH_AUTH_SOCKET info
-the programs from before can’t access the SSH-agent
-...unless the new value gets setup in the old environments


possible fix is this:
-X2Go on the server side does not start any new programs in the X2Go 
session or resumes an X2Go session, until:
-an only-session-dependent symbolic link is set up pointing to the 
socket from SSH_AUTH_SOCKET
-SSH_AUTH_SOCKET is set to that symbolic link


Result:
-as the name of symbolic link is fixed for the session, no environment 
variables need to be updated
-the link always points to the socket created by the sshd for this 
connection
-the ssh-agent can be reached