Category Archives: SSH

Standardizing a personal work environment over multiply ssh servers.

“As if the finest and most manly of spectacles were not that of a man who conquers his soul hour after hour, fighting first against himself, against the suggestions of egoism, idleness, discouragement…”
Paul Sabatier “The Life of St. Francis of Assisi”

A system administrator will generally, during a normal day, work on more than one server . It is very helpful if certain settings (a personal working environment or PWE) and changes to these settings travel without any effort from server to server. OpenSSH offers a novel but effective approach of achieving just this. This article is concerned with describing experiences made with Debian Wheezy and its openssh-server (1:6.0p1-4+deb7u2).

The Principle
A client defined shell variable will be filled with the files which make up the personal environment (in this case .vimrc and .bashrc) and then passed to the server, which in turn will per shell script decode the variable and place the files in the appropriate user home directory.

The Preparations (The Client)
To simplify the creation of the shell variable ($PWE) a directory  ~/personal_work_envir is created. The files .bashrc and .vimrc are copied to this directory.

  • client: $ mkdir ~/personal_work_envir
  • client: $ cp -v ~/{.bashrc,.vimrc} ~/personal_work_envir

To create the shell variable $PWE the following line is added to ~/.bashrc

  • export PWE=$(tar -C ~/personal_work_envir -cz .| base64)

Finally the directive SendEnv is added to ~/.ssh/config.

  1. Host server
  2.     SendEnv PWE

The Preparations (The Server)
The shell script /etc/sshrc is invoked by the ssh server for every incoming ssh connection. A similar script namely ~/.ssh/rc can be defined for individual users. If this script exists it overrides /etc/sshrc but like /etc/sshrc,  it is executed before the shell or any remote command requested by the incoming connection. Unlike /etc/sshrc which is always executed by /bin/sh, the ~/.ssh/rc should be executed by the user’s normal login shell. Generally speaking /bin/bash. The ~/.ssh/rc script should look as follows:

  1.   #!/bin/bash
  2.   # unpack the personal work environment
  3.   if test “$PWE” ; then
  4.               echo “$PWE” | base64 -d | tar -xzC ~
  5.   fi

Now it only remains to ensure that the server accepts the client defined variable. This is achieved by adding the following entry to the sshd configuration /etc/ssh/sshd_config

  • AcceptEnv PWE

Public Domain Mark