(DIR) <- Back
ssh magic + your commandline edc (Everyday carry)
=================================================
Securely load your custom bash functions automatically on every
ssh connect.
Most of us know this situation: You connect to a new server and
sooner or later miss an alias or shell function that you use on
your personal system.
In the following i'll explain how you can securely load your list
of bash-functions.
This example involves three computers:
a) your local machine
- running ssh-agent
- in ~/.ssh/config set:
ForwardAgent yes
RequestTTY yes
RemoteCommand bash --rcfile <(cat .bashrc 2> /dev/null; git archive --remote=ssh://src@kroovy.de:/path/to/repo HEAD toolbox.sh | tar -xO)
(TXT) raw
b) the server you connect to
- in /etc/ssh/sshd_config set:
AllowAgentForwarding yes
c) your git server that allows auth via ssh-key
- deposit your local machine's pubkey
Authentication
--------------
We serve git via SSH. This enables us to have authentication via
your SSH-Key.
We use the command `git archive` to grab just one file from the
repository.
Notes:
------
If you want to harden the setup, you can can include a sha256sum
check within your local machine's config:
RemoteCommand t=$(mktemp); git archive --remote=ssh://src@kroovy.de:/path/to/repo HEAD toolbox.sh | tar -xO | tee $t | sha256sum | awk '{print $1}' | cmp -s <(echo "86dd63a2159898efeddc56e94232291f5412edf0e6e0fb0d862c81f03f5feff5") || exit; bash --rcfile <(cat .bashrc 2> /dev/null; cat $t); rm $t
(TXT) raw
See Evil_Bob's guide:
(DIR) Setup your own git hosting service