hngopher.com

       [HN Gopher] XXH: Bring your favorite shell wherever you go throu...
       ___________________________________________________________________
        
       XXH: Bring your favorite shell wherever you go through the SSH
        
       Author : crummy
       Score  : 28 points
       Date   : 2021-12-14 20:28 UTC (2 hours ago)
        
 (HTM) web link (github.com)
 (TXT) w3m dump (github.com)
        
       | suifbwish wrote:
       | Portability of shells/binary injection and the associated layers
       | often come with extreme vulnerabilities that are often not
       | officially discovered for years. Convenience is often the reason
       | many new vulnerabilities are introduced. Cool project for hobby
       | purposes but be cautious when using this sort of thing on
       | production systems especially on those housing data of any
       | importance.
        
         | hamburglar wrote:
         | At my company this would be auto-flagged and you'd have the
         | intrusions team on your ass inside of 5 minutes. :D
        
       | mzs wrote:
       | how it works: https://github.com/xxh/xxh/wiki#how-it-works
        
       | loeg wrote:
       | (No relation to XXHash (XXH32, XXH64, XXH128, XXH3):
       | https://github.com/Cyan4973/xxHash )
        
       | sigmonsays wrote:
       | when would you use this?
       | 
       | Sounds like an awful way to distribute and run software...
        
         | [deleted]
        
         | spicybright wrote:
         | Lots of reasons this can be useful.
         | 
         | At my company we sometimes have to SSH into our dev nodes to
         | restart things, figure out what's going wrong, etc. But we wipe
         | them out nightly to update the code.
         | 
         | This tool would let you keep all your special aliases for
         | working on the nodes without manually copying your config(s)
         | over.
         | 
         | Can't say I'd use it, but I can see use cases like the above.
        
           | suifbwish wrote:
           | Why not just have the instance run a script to fetch a new
           | .rc file from a local repo? Or better yet just include the
           | aliases in the profile/rc file on the image itself.
        
         | johnisgood wrote:
         | What does it have to do with distributing or running software?
         | What did I miss from the README?
        
       | tyingq wrote:
       | Is there a description somewhere as to what it's doing under the
       | covers?
       | 
       | A simplistic version could be just to ship a static binary of
       | your shell over, like:
       | 
       | tar -cf - ./bash-binary | ssh $host 'tar -xf -;./bash-binary -c
       | "echo hello world"'
        
       ___________________________________________________________________
       (page generated 2021-12-14 23:01 UTC)