GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → dokku → Sshcommand

dokku / Sshcommand

Licence: mit
Turn SSH into a thin client specifically for your app

Programming Languages

shell
77523 projects

sshcommand Build Status

Simplifies running a single command over SSH, and manages authorized keys (ACL) and users in order to do so.

It basically simplifies running:

ssh [email protected] 'ls -l <your-args>'

into:

ssh [email protected] <your-args>

Commands

sshcommand create                    <USER> <COMMAND>                # Creates a local system user and installs sshcommand skeleton
sshcommand acl-add                   <USER> <NAME> <KEY_FILE>        # Adds named SSH key to user from STDIN or argument
sshcommand acl-remove                <USER> <NAME>                   # Removes SSH key by name
sshcommand acl-remove-by-fingerprint <USER> <FINGERPRINT>            # Removes SSH key by fingerprint
sshcommand list                      <USER> [<NAME>] [<OUTPUT_TYPE>] # Lists SSH keys by user, an optional name and a optional output format (JSON)
sshcommand help                      <COMMAND>                       # Shows help information
sshcommand version                                                   # Shows version

Example

On a server, create a new command user:

$ sshcommand create cmd /path/to/command

On your computer, add authorized keys with your key:

$ cat ~/.ssh/id_rsa.pub | ssh [email protected] sshcommand acl-add cmd progrium

If the public key is already on the server, you may also specify it as an argument:

$ ssh [email protected] sshcommand acl-add cmd progrium ~/.ssh/id_rsa.pub

By default, key names and fingerprints must be unique. Both of these checks can be disabled by setting the following environment variables to false:

export SSHCOMMAND_CHECK_DUPLICATE_FINGERPRINT="false"
export SSHCOMMAND_CHECK_DUPLICATE_NAME="false"

Now anywhere with the private key you can easily run:

$ ssh [email protected]

Anything you pass as the command string will be appended to the command. You can use this to pass arguments or if your command takes subcommands, expose those subcommands easily.

$ /path/to/command subcommand

Can be run remotely with:

$ ssh [email protected] subcommand

When adding an authorized key, you can also specify custom options for AUTHORIZED_KEYS by specifying the SSHCOMMAND_ALLOWED_KEYS environment variable. This should be a list of comma-separated options. The default keys are as follows:

no-agent-forwarding,no-user-rc,no-X11-forwarding,no-port-forwarding

This can be useful for cases where the ssh server does not allow certain options or you wish to further constrain a user's environment. Please see man sshd for more information.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].