Linux.com | Using screen for remote interaction
Screen takes this feature, which is called multi-display mode, to the next level with multi-user mode. In multi-user mode more than one user can access and control a screen session. The problem with this mode is that it’s not obvious how to set it up. Here’s what I ultimately figured out with the help of some Google searching:
1. Set the screen binary (/usr/bin/screen) setuid root. By default, screen is installed with the setuid bit turned off, as this is a potential security hole.
2. The teacher starts screen in a local xterm, for example via screen -S SessionName. The -S switch gives the session a name, which makes multiple screen sessions easier to manage.
3. The student uses SSH to connect to the teacher’s computer.
4. The teacher then has to allow multiuser access in the screen session via the command Ctrl-a :multiuser on (all screen commands start with the screen escape sequence, Ctrl-a).
5. Next the teacher grants permission to the student user to access the screen session with Ctrl-a :acladd student where student is the student login ID.
6. The student can now connect to the teacher’s screen session. The syntax to connect to another user’s screen session is screen -x username/session.
At this point the teacher and student both have control of the session. Note that there are security implications to this — the student is operating the session as the teacher and could potentially do something to damage the system. If you don’t trust your students then you should probably use a special teacher account and not your normal login account. The teacher can also make the student’s session read-only. To do this, use the aclchg screen command to remove write access for the student: Ctrl-a :aclchg student -w “#”. The student can then only observe the teacher’s actions. Otherwise, the teacher will have to let the student work on the honor system.