1

For work, I have to connect to dozens of Linux machines via SSH (to perform maintenance, monitor the system, install software, etc.).

I have a small arsenal of scripts that help me do some of these tasks, and these are located in a folder on my Mac in /Users/me/bin. I want to be able to run these scripts on the remote Linux machine, but for several reasons I do not want these scripts permanently located on these machines (e.g., other people also connect to these remote machines, and it would be unwise to let them execute these files).

So, is it possible to share scripts across an SSH connection for the lifetime of the session only?

I have a couple of ideas on how to do this, but I don't know if any of them will work. Firstly, if SSH allows file mounting, I could automatically mount `me@mymac:/Users/me/bin` to `me@linux:/remote_bin` when I connect to the remote Linux box, and set my PATH variable to `"$PATH:/remote_bin"`. Secondly, I could set up port forwarding in the connection string (e.g., `ssh me@linux -R 9999:127.0.0.1:<SMBPORT|ETC>`) and every time I connect mount the share and set the `$PATH` variable.

EDIT: I've come up with a semi-solution. On the Linux machine, edit `/etc/ssh/sshd_config` to add the following subsystem: `Subsystem shareduserbinary sudo su -l -c "/bin/mount -t cifs -o port=9999,username=me,nounix,sec=ntlmssp //127.0.0.1/exported_bin /mnt/remote_bin" && bash -l -i -s`. When connecting to the remote machine, set up a reverse port forward and invoke the subsystem. E.g.: `ssh -R 9999:127.0.0.1:445 -s shareduserbinary me@linux`.

EDIT 2: You can make the solution above cleaner, by removing the -l from the sudo command and changing the path from /mnt/remote_bin to $HOME/rbin.

magnus
  • If other people have enough _permissions_ to execute the contents of these files, you are not protecting anything by not leaving them around. – bmargulies May 02 '14 at 00:46
  • Regardless of permissions, there are still reasons to not share these scripts with them. – magnus May 02 '14 at 00:56
  • Lots of interesting stuff if you search here for `[ssh] function`. I particularly liked a recent take on this under http://stackoverflow.com/questions/23264657/how-to-run-a-bash-function-in-a-remote-host-in-ubuntu/23266213#23266213 . Look for anishsane's answer. Good luck. – shellter May 02 '14 at 09:17

2 Answers

1

Interesting question. Perhaps you can add a command to `~/.bash_login` (assuming you are using bash) to copy the scripts from a remote host (such as your Mac) when you log in, then add a command to `~/.bash_logout` to delete the scripts when you log out. But, as bmargulies points out, it would be a good idea to go a step further and make sure that nobody else has permissions to read or execute the scripts.

mti2935
0

You can use OpenSSH's LocalCommand to upload the files (using e.g. scp or rsync) when initiating an SSH session (see man ssh_config and this):

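```
Host server1 server2 [...]
    # Allow ssh to run a command on the local machine once connected
    PermitLocalCommand yes
    # Upload the local scripts; %h expands to the remote host name
    LocalCommand scp -q /Users/me/bin/* %h:temp_bin/
```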

and use .bash_logout or an EXIT-trap that you specify in your .bashrc to delete the contents of the directory on logout.

Adrian Frühwirth
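The remote-side half that both answers describe (owner-only permissions on the uploaded scripts, then deletion on logout via an EXIT trap), written out as an added example that is not code from either answer. The function names, the `SESSION_BIN` variable and the `$HOME/temp_bin` location are assumptions; the directory name follows the `temp_bin/` upload target above.

```shell
# Added example: source from ~/.bashrc on the remote Linux host.
# All session_bin_* names and SESSION_BIN are hypothetical.
# Create ~/temp_bin once with mode 700 before the first upload, so the
# scripts are never readable by other users between upload and lock-down.

# Restrict DIR and every file in it to the owner; refuse symlinks so the
# later cleanup can never be redirected to another directory.
session_bin_lock() {
    _sb_dir=$1
    [ -n "$_sb_dir" ] && [ -d "$_sb_dir" ] && [ ! -L "$_sb_dir" ] || return 1
    chmod 700 "$_sb_dir" || return 1
    find "$_sb_dir" -type f -exec chmod u+rwx,go-rwx {} +
}

# Delete everything inside DIR (dotfiles included) but keep DIR itself,
# so the next upload still has a target directory.
session_bin_purge() {
    _sb_dir=$1
    [ -n "$_sb_dir" ] && [ -d "$_sb_dir" ] && [ ! -L "$_sb_dir" ] || return 1
    ( cd "$_sb_dir" && rm -rf -- ./* ./.[!.]* ./..?* )
}

# Append DIR to PATH (appended, so uploaded scripts cannot shadow system
# commands) and register the purge to run when this shell exits.
session_bin_activate() {
    SESSION_BIN=$1
    case ":$PATH:" in
        *":$SESSION_BIN:"*) ;;                 # already on PATH
        *) PATH="$PATH:$SESSION_BIN" ;;
    esac
    export PATH
    trap 'session_bin_purge "$SESSION_BIN"' EXIT
}

# Suggested use in ~/.bashrc, limited to SSH logins:
#   if [ -n "$SSH_CONNECTION" ] && session_bin_lock "$HOME/temp_bin"; then
#       session_bin_activate "$HOME/temp_bin"
#   fi
```

The EXIT trap does not run if the shell is killed with SIGKILL or the host goes down, so a leftover `temp_bin` should still be treated as possible and kept at mode 700.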