BASH - Login options

Reuse SSH-AGENT

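Share the same ssh-agent across multiple login sessions, with added checks for NFS-shared home directory issues: the agent's environment and PID files are named per host, so machines that mount the same home directory do not pick up each other's agent.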

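start_agent()
{
    # Stop any ssh-agent processes this user can signal on this host
    killall ssh-agent 2> /dev/null
    # ssh-agent prints shell assignments plus "echo Agent pid N;". Stripping
    # " Agent pid" leaves "echo N;", so sourcing the file prints only the PID.
    ssh-agent | sed 's/ Agent pid//' > "$SSH_ENV"
    . "$SSH_ENV" > "$SSH_PID_FILE"
    ssh-add ~/.ssh/<private_key> 2> /dev/null
}

mkdir -p "$HOME/.ssh/agent"         # keeps agents more secure than in /tmp
SSH_TMOUT=2678400                   # 31 days, in seconds (not passed to ssh-agent or ssh-add below)
SSH_ENV="$HOME/.ssh/agent/env.$(hostname)"
SSH_PID_FILE="$HOME/.ssh/agent/pid.$(hostname)"

if [[ -e $SSH_PID_FILE ]]; then
    SSH_PID=$(< "$SSH_PID_FILE")
    # Command name of the recorded PID; empty if the process is gone
    PROCESS=$(ps -p "$SSH_PID" -o comm= 2> /dev/null)

    if [[ $PROCESS == 'ssh-agent' ]]; then
        # Agent still running: load its socket and PID into this shell
        . "$SSH_ENV" > "$SSH_PID_FILE"
    else
        start_agent
    fi
else
    start_agent
fi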
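
The script above executes whatever is in $SSH_ENV and accepts any PID whose command name is ssh-agent. The following added example (not part of the original page) parses the file instead of sourcing it and asks the agent itself whether it is reachable; the function names load_agent_env and agent_alive are made up for this example.

```shell
# Added example: names load_agent_env and agent_alive are illustrative.

# Read SSH_AUTH_SOCK and SSH_AGENT_PID from an env file without executing it.
# Returns non-zero (and sets nothing) if the file is untrusted or malformed.
load_agent_env() {
    _file=$1
    # Regular file, not a symlink, owned by the user running this shell.
    [ -f "$_file" ] && [ ! -L "$_file" ] && [ -O "$_file" ] || return 1
    # Not writable by group or others.
    [ -z "$(find "$_file" -prune \( -perm -020 -o -perm -002 \) -print)" ] || return 1

    # Accept only an absolute socket path and a numeric PID, each followed
    # by ";" as ssh-agent writes them; any other content is never executed.
    _sock=$(sed -n 's|^SSH_AUTH_SOCK=\(/[A-Za-z0-9._/-]*\);.*|\1|p' "$_file" | head -n 1)
    _pid=$(sed -n 's|^SSH_AGENT_PID=\([0-9][0-9]*\);.*|\1|p' "$_file" | head -n 1)
    [ -n "$_sock" ] && [ -n "$_pid" ] || return 1

    SSH_AUTH_SOCK=$_sock
    SSH_AGENT_PID=$_pid
    export SSH_AUTH_SOCK SSH_AGENT_PID
}

# ssh-add -l exits 0 (keys listed) or 1 (no keys) when the agent answered,
# and 2 when it could not be contacted.
agent_alive() {
    ssh-add -l > /dev/null 2>&1
    case $? in
        0|1) return 0 ;;
        *)   return 1 ;;
    esac
}

# Usage in place of the PID-file test:
#   if load_agent_env "$SSH_ENV" && agent_alive; then :; else start_agent; fi
```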

 

 

History per user on shared sudo accounts

A shared account has a shared command history, so an unsuspecting user could accidentally replay a last command that is not theirs. With the setup below, each user gets their own time-stamped history. First, create a directory for the history files:

mkdir -p ~/.histfiles

Then, adding this to .bashrc for shared accounts gives each user who becomes the account their own history:

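# User specific aliases and functions
#
mkdir -p ~/.histfiles
# "who am i" reports the login that owns this terminal, i.e. the user who became this account
HIST_USER=$(who am i | cut -d" " -f1)
# Fall back to a fixed name when there is no login record, so HISTFILE never points at the directory itself
HISTFILE=~/.histfiles/${HIST_USER:-unknown}
# Mark the start of each session with its date and terminal
echo "#$(date):$(tty)" >> "$HISTFILE"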