SSH wrapper bash script or proxy solution
Moderator: General Moderators
-
alex.barylski
- DevNet Evangelist
- Posts: 6267
- Joined: Tue Dec 21, 2004 5:00 pm
- Location: Winnipeg
SSH wrapper bash script or proxy solution
My IDE uses SSH to connect to a remote server and display the files/folders. It also has no option for hiding .svn directories so whenever I list files or do a search using plink or putty, I get all those damn .svn directories included in my results -- PITA.
What I would ike to do is setup a SSH wrapper/proxy script which would essentially intercept the SSH requests for a certain user account and return the filtered results.
The catch is, the IDE is on Windows and the server is a Debian box. So I think a proxy is what is needed?
The problem as I understand, is that Windows connects to a SSH account at which point it's to late for shell scripts to intercept without a proxy.
Anyways, have any ideas? Suggestions?
Sounds like I would have to use IPTABLES or similar technique but I have no idea what my solution would look like...ideally I wanted a shell script
What I would ike to do is setup a SSH wrapper/proxy script which would essentially intercept the SSH requests for a certain user account and return the filtered results.
The catch is, the IDE is on Windows and the server is a Debian box. So I think a proxy is what is needed?
The problem as I understand, is that Windows connects to a SSH account at which point it's to late for shell scripts to intercept without a proxy.
Anyways, have any ideas? Suggestions?
Sounds like I would have to use IPTABLES or similar technique but I have no idea what my solution would look like...ideally I wanted a shell script
Re: SSH wrapper bash script or proxy solution
Hm... I think you should use SVN and not SFTP (in fact you don't use SSH itself but sftp-server) for remote editing in your case. And intercepting with SSH protocol with be a PITA 
You can't use IPTABLES for such things, because IPTABLES doesn't operate on OSI layer 7 - Application Layer (with a few exceptions).
You can't use IPTABLES for such things, because IPTABLES doesn't operate on OSI layer 7 - Application Layer (with a few exceptions).
There are 10 types of people in this world, those who understand binary and those who don't
-
alex.barylski
- DevNet Evangelist
- Posts: 6267
- Joined: Tue Dec 21, 2004 5:00 pm
- Location: Winnipeg
Re: SSH wrapper bash script or proxy solution
How would I use SVN as a proxy? I don't think that would work, due to my setup... 
My SVN repo is on the same Windows machine running as svnserve. I checkout on my Debian box when I wake up and commit when I goto bed.
If I used SVN to filter the results, the files would open the repo files and not my working copy files -- if I understand you correctly.
The other alternative which I had before, is to map the working copy directory to a Windows directory using Samba and access the files locally through my IDE, in which case filtering like my requirement is allowed.
Thanks again VladSun...more like Vlad the Linux impaler?
My SVN repo is on the same Windows machine running as svnserve. I checkout on my Debian box when I wake up and commit when I goto bed.
If I used SVN to filter the results, the files would open the repo files and not my working copy files -- if I understand you correctly.
The other alternative which I had before, is to map the working copy directory to a Windows directory using Samba and access the files locally through my IDE, in which case filtering like my requirement is allowed.
Thanks again VladSun...more like Vlad the Linux impaler?
Re: SSH wrapper bash script or proxy solution
So you have:PCSpectra wrote:My SVN repo is on the same Windows machine running as svnserve. I checkout on my Debian box when I wake up and commit when I goto bed.
If I used SVN to filter the results, the files would open the repo files and not my working copy files -- if I understand you correctly.
The other alternative which I had before, is to map the working copy directory to a Windows directory using Samba and access the files locally through my IDE, in which case filtering like my requirement is allowed.
1) Windows machine with svn service
2) Windows machine (the same as the one above) where you want to edit your files
3) Debian box where you do checkout and use theses files
So, on the Windows machine you have to do SVN checkout into a directory, edit files, then commit them to the SVN repository. The same applies for the Debian machine.
So, no SSH/SFTP is used - just SVN.
There are 10 types of people in this world, those who understand binary and those who don't
-
nickvd
- DevNet Resident
- Posts: 1027
- Joined: Thu Mar 10, 2005 5:27 pm
- Location: Southern Ontario
- Contact:
Re: SSH wrapper bash script or proxy solution
I would expect the major problem to be the fact that ssh is secure and encrypted... True, you have access to the key's and could fairly easily get into the ssh session, but the amount of work involved would be fairly large for something as trivial as filtering out files and folders..
-
alex.barylski
- DevNet Evangelist
- Posts: 6267
- Joined: Tue Dec 21, 2004 5:00 pm
- Location: Winnipeg
Re: SSH wrapper bash script or proxy solution
Not quite...So, on the Windows machine you have to do SVN checkout into a directory, edit files, then commit them to the SVN repository. The same applies for the Debian machine.
My SVNserve is running as a service, yes...my IDE is Windows based but uses SSH/SFTP to access files stored on my Linux machine.
I have a linux console open at all times to perform root operations, etc.
At the start of the day, I call checkout (incase I modified the repo from another computer), make a simple change, then commit and comment.
The working copy is on the Linux machine, the SVN repo is on the Windows machine. But the IDE works on the working copy not the repo.
i have considered using Samba to map the working copy directpory to a Windows directory but...I was hoping there was a different way, only because Samba server now needs to be running on Linux server and ideally I have as little daemons running on that computer as possible -- security reasons.
Cheers,
Alex
Re: SSH wrapper bash script or proxy solution
You *should* have a "working copy" on each box - the Windows one and the Debian one. It doesn't matter where the SVN repo is - you just do an update/checkout, edit files *locally* and commit. That's the way it should be - no SSH/SFTP, no Samba, no sharingPCSpectra wrote:The working copy is on the Linux machine, the SVN repo is on the Windows machine. But the IDE works on the working copy not the repo.
There are 10 types of people in this world, those who understand binary and those who don't
-
alex.barylski
- DevNet Evangelist
- Posts: 6267
- Joined: Tue Dec 21, 2004 5:00 pm
- Location: Winnipeg
Re: SSH wrapper bash script or proxy solution
Heh? Why "should" I have two working copies?
I don't develop on my Windows box...I simply use it's IDE editor...my dedicated machine is a Debian machine so I replicate it's environment identically, locally for faster development and secure testing.
When I have a stable snapshot (tag) I upload it to a dedicated server configured exactly as my local machine.
I have tried having working copies on both and honestly it didn't work, at least fit my development style.
I don't develop on my Windows box...I simply use it's IDE editor...my dedicated machine is a Debian machine so I replicate it's environment identically, locally for faster development and secure testing.
When I have a stable snapshot (tag) I upload it to a dedicated server configured exactly as my local machine.
I have tried having working copies on both and honestly it didn't work, at least fit my development style.
Re: SSH wrapper bash script or proxy solution
Because that's one of the main reasons SVN, CVS etc. tools are used forPCSpectra wrote:Heh? Why "should" I have two working copies?
I don't develop on my Windows box...I simply use it's IDE editor...my dedicated machine is a Debian machine so I replicate it's environment identically, locally for faster development and secure testing.
When I have a stable snapshot (tag) I upload it to a dedicated server configured exactly as my local machine.
I have tried having working copies on both and honestly it didn't work, at least fit my development style.
Multiple and concurrent versions, created by different people on different machines (in your case one man on two machines).
There are 10 types of people in this world, those who understand binary and those who don't