🌒

Monitoring students on an SSH server

Posted at — Jun 29, 2022

Introduction

I currently have to teach someone how to use the Linux shell (bash). I have to do it remotely.

The obvious first step is to create a sandbox virtual machine running Linux and create accounts for them on it. I have a backup of the VM so they can freely make a mess if they want to.

But to guide them, I need to have a way to see what they are inputting and what they did input. I could use videoconferencing with screen sharing. But I like letting them do most of the work, so they spend a lot of time looking for info and thinking hard by themselves. So videoconferencing with them all the time would be a waste of my time. Also videoconferencing doesn’t allow me to see what they previously inputted.

The following is a way to monitor a student in whom you have some basic trust. It’s not meant as a monitoring method for security or regulatory reasons. Also beware that depending on the laws where you live, you may or may not have to tell your student(s) about this monitoring, and they may or may not decline it.

Enter ttyrec and ttyplay

ttyrec is a tool to record activity in a terminal. ttyplay is a tool to play those recordings. ttyplay can also monitor and play live a recording (ttyplay -p).

Recording

We need a place to store the recordings. It’s probably a bad idea to store them in the student’s home directory, as they could delete it accidentally too easily. So:

1
2
3
4
5

sudo mkdir -p /recording/student
sudo chmod 644 /recording
sudo chown root:root /recording
sudo chmod 755 /recording/student
sudo chown student:student /recording/student

Since we have some basic level of trust in our students, we can simply hook up ttyrec in their .bashrc (or .zshrc):

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

--- .bashrc.orig	2022-06-29 16:59:04.279115683 +0000
+++ .bashrc	2022-06-29 16:59:54.071286056 +0000
@@ -8,6 +8,13 @@
       *) return;;
 esac
 
+if [ -z "$TTYREC" ] ; then
+	now=$(date "+%Y%m%d-%H%M%S")
+	out=/recording/$USER/$now.ttyrec
+	echo "Enabling recording in ${out}"
+	TTYREC=1 exec ttyrec ${out}
+fi
+
 # don't put duplicate lines or lines starting with space in the history.
 # See bash(1) for more options
 HISTCONTROL=ignoreboth

Playing back

1
2

cd /recording/student
ttyplay -n 20220629-173025.ttyrec

Monitoring

1
2

cd /recording/student
ttyplay -p 20220629-173025.ttyrec