Can an active user session be "assumed" under Linux?

Outside of using something like screen, is it possible to 'assume' an active user session under Linux/UNIX?

For example, I ssh to my server from home. Then I ssh to it form work. I want to kill the home-spawned session, and "take-over" all of the processes that it had running.

warren@home> ssh warren@myserver
warren@myserver> top

...

warren@work> ssh warren@myserver
warren@myserver> <grab-other-session-of-mine>

After the <grab-other-session-of-mine> command/tool, the warren@home ssh session should be closed.

Is this possible?

warren

Posted 2010-07-28T15:40:53.310

Reputation: 8 599

1Why can't you use screen? That allows you to do exactly what you want here. – Daenyth – 2010-07-28T16:08:22.047

@Daenyth - because some systems don't have it installed, and without root access on those machines, I can't add it :) – warren – 2010-07-29T12:34:59.863

If the system has a compiler, compile it in your home directory and run it there. If the system doesn't have a compiler, compile it on another system with similar libraries and then copy the file over and run it from your home. I don't think what you ask is possible without using some sort of application -- and screen is the best. Also ask the sysadmin to have it installed, I don't know any competent ones who don't use it. – Daenyth – 2010-07-29T22:48:56.533

@Daenyth - I know lots of sysadmins who use screen, but disallow regular users from touching it as it has the potential to be a big security hole – warren – 2010-07-30T12:50:24.137

Also, a variety of systems are routinely scanned for 'non-standard' tools/processes, and are put back to a 'safe' state – warren – 2010-07-30T12:55:00.127

Answers

As far as I know this is not possible. What's wrong with screen or equivalents ?

The processes from your session are bound to their current tty and parent process, changing these would lead to a number of nasty problems, so it would require an abstraction layer that provides your worker processes with a persistent tty and parent. This is what screen and friends does; not using these would require putting the feature in the sshd itself.

See Use GNU screen as login "shell" to use screen as a login shell, which removes the need to think to run it.

b0fh

Posted 2010-07-28T15:40:53.310

Reputation: 2 005

thanks, b0fh - looks like this question would require a bunch of the steps mentioned here:http://superuser.com/questions/28568/screen-a-running-process .. except not so cleanly. Oh well :)

– warren – 2010-07-30T14:19:13.397

First: Yes. You can do this if and only if you have recorded the TCP session (Not sure how much of this is necessary, but you need to have access to the packet capture), have the right tools and expertise, have full control of packets being generated on a machine between the client and server, and have access to the server private key. You could conceivably take over the TCP connection, impersonate the originating client, and begin transmitting and receiving data on the existing connection.

But that would be silly and far harder than it is worth, so practically speaking, no, you can't do it without using a tool like screen.

Slartibartfast

Posted 2010-07-28T15:40:53.310

Reputation: 6 899