ssh snippets

SSH tunneling

Tagged ssh, tunneling, port, secure  Languages bash

SSH tunneling to bypass overly strict firewalls for services you need. The first port is that of the remote service, and the latter is the port you want to use on the local computer. For clarity I usually use the same port on both computers if possible. Here we initiate a tunnel into the vnc server of a remote host.

ssh -L 5905:localhost:5905 marko@remotehost

Next we open the vnc viewer into localhost, which in fact is the tunnel into the remote host.

vncviewer localhost:5

Remote X11 apps through SSH

Tagged ssh, x11, remote applications, linux  Languages bash

In order to forward X11 applications from a remote server into your local X session the server must support tunneling of X11 apps with this property in sshd_config

X11Forwarding yes

Then simply issue the -X parameter for the SSH client.

ssh -X remotehost

Now run an X11 application from the SSH terminal and it's UI will be tunneled to your local X session.

gvim my_script.rb

Enable your favorite editor in production environment.

Tagged favorite editor, sshfs, ssh, production, linux, mounting remote directory  Languages bash

Anyone who's ever set up or maintained a larger production environment will love this "snippet". Production environments seldom contain your favorite editor. In fact, most times you are stuck with vi, which is fine if that happens to be your flavor. For most people vi just doesn't fit. The only requirement for this trick is to have SSH access into the production environment.

Firstly install sshfs on your development computer.

sudo apt-get install sshfs

It should work for both major Debian derivates (Debian and various versions of Ubuntu). I know from experience that it works for Etch stable. If you don't use a package manager then go to sshfs homepage and follow instructions from there.

Create a mountpoint for the production filesystem.

sudo mkdir -p /mnt/production-xyz/bea92

Mount it with sshfs using a syntax similar to scp.

sshfs marko@production_server:/opt/bea92 /mnt/production-xyz/bea92

Fire up your favorite editor and start setting up/maintaining the production environment with a smile on your face :) Once you're done unmount it using the command below.

fusermount -u /mnt/production-xyz/bea92

Using rsync to backup a remote machine to a local directory via SSH

Tagged sync, backup, rsync, ssh  Languages bash

This command copies the files on the remote machine 127.0.0.1 to the local directory /backups/127.0.0.1:

rsync --delete -r -ve "ssh -p 666" 127.0.0.1:/var/www/ /backups/127.0.0.1

Some useful parameters:

-r = recursive
-n = simulate
-v = verbose
-a = archive mode
-L = follow symbolic links
--size-only = 
--progress = show progress indicator
--numeric-ids = don't map user and group IDs to local user and group names
-e = use SSH and port 666
--bwlimit = limit bandwidth to 100 kilobytes/second
--exclude-from = exclude the files and directories listed in the configuration file
--delete = remove local files that have been removed on the remote server

SSH "bundle: command not found"

Tagged bash_profile, bashrc, ssh, path  Languages bash

Behold ~/.bashrc:

# If not running interactively, don't do anything 
[ -z "$PS1" ] && return

Don't put "export PATH" or anything else important below that line containing "return", put it above.

If you're using SSH to execute commands on the server the script will exit on that line, and with Rails bundler you'll then get errors like this:

bash: bundle: command not found

Still not working? Maybe you're running the command through SSH and bundle (or rbenv/rvm) is not in your PATH variable:

$ ssh sandbox 'echo $PATH'

Now try this:

$ ssh sandbox 'source ~/.bashrc && echo $PATH'

Next, figure out why the command is not in your path.

It could be because your .bashrc is missing this:

export RBENV_ROOT=/usr/local/rbenv
export PATH="$RBENV_ROOT/bin:$PATH"
eval "$(rbenv init -)"

It could be something else…

Reverse ssh tunnel.

Tagged reverse, tunnel, ssh  Languages bash

Don't want to run ssh service on the server? Then have the server create a tunnel into your computer and creep up to the server using that.

ssh -R 1234:localhost:22 marko@123.123.123.123

123.123.123.123 is the ip address of your computer. Then just do a ssh -l marko -p 1234 localhost on your computer to login to the server.

How to prevent Capistrano from asking for password when deploying

Tagged ssh, capistrano, password  Languages ruby

Capistrano might ask for a password when:

# Capistrano is using sudo, so set it to false
set :use_sudo, false

# Your remote server is trying to checkout an SSH protected Git repository
set :repository, '/var/git/repositories/xxx.git' # Remote server also holds the git repository
set :local_repository, 'ssh://xxx/var/git/repositories/xxx.git' # Your development machine points to the remote machine 

# SSH settings, also see ~/.ssh/config
set :user, "jebus"
set :domain, 'xxx.com'
set :port, 666

# Other settings worth checking
ssh_options[:forward_agent] = true
ssh_options[:keys] = [File.join(ENV["HOME"], ".ssh", "id_rsa")]
default_run_options[:pty] = true # see http://www.mail-archive.com/capistrano@googlegroups.com/msg07323.html for details

Reference

How to setup a password-less “cap deploy” with Capistrano

How to deploy a Go app through SSH

Tagged go, golang, ssh  Languages bash
# Target = Linux
GOARCH=amd64 GOOS=linux go build -o dist/go-fcuk-linux
scp dist/go-fcuk 127.0.0.1:/tmp
ssh -t 127.0.0.1 "sudo mv /tmp/go-fcuk-linux /usr/local/bin/go-fcuk"