Skip to content

Instantly share code, notes, and snippets.

@Raboo

Raboo/sshuttle.sh

Forked from rchrd2/sshuttle.sh
Last active May 24, 2023 13:09
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Raboo/004b451cbf08f5c43836a588cdf935ff to your computer and use it in GitHub Desktop.
Save Raboo/004b451cbf08f5c43836a588cdf935ff to your computer and use it in GitHub Desktop.
Download ZIP
xbar + sshuttle
Raw
sshuttle.sh
#!/usr/bin/env bash
#
# Easily start/stop sshuttle
#
# <xbar.title>sshuttle</xbar.title>
# <xbar.version>v1.3</xbar.version>
# <xbar.author>Elias Abacioglu</xbar.author>
# <xbar.author.github>Raboo</xbar.author.github>
# <xbar.desc>Easily start/stop a background sshuttle.</xbar.desc>
# <xbar.dependencies>sshuttle</xbar.dependencies>
# <xbar.abouturl>https://gist.github.com/Raboo/004b451cbf08f5c43836a588cdf935ff</xbar.abouturl>
# For a sshuttle connection to work, first destination host key must exist in known_hosts
# and sshuttle must be able to run sudo without password.
# Should only need to edit these.
SSH_CONNECTION="USER@REMOTE.com"
DEBUG="false"
SSHUTTLE_BIN="/opt/homebrew/bin/sshuttle"
SSHUTTLE_CMD="${SSHUTTLE_BIN} --dns -N --no-latency-control --disable-ipv6 -r ${SSH_CONNECTION}"
SHUTTLE_KILL_CMD="/usr/bin/pkill -f '${SSHUTTLE_CMD}'"
HOST=$(echo ${SSH_CONNECTION} | cut -f2 -d@)
case "$1" in
sign)
osascript -e "tell app \"System Events\" to display dialog \"Will sign SSH key for ${HOST}\"" && SIGN=true
echo "Will sign SSH key for ${HOST}"
[[ ${SIGN} = true ]] && osascript -e "do shell script \"grep -q ${HOST} ~/.ssh/known_hosts && /usr/bin/sed -i '' '/${HOST}/d' ~/.ssh/known_hosts\""
[[ ${SIGN} = true ]] && osascript -e "do shell script \"ssh -oStrictHostKeyChecking=no ${SSH_CONNECTION} echo\""
;;
sudo)
SUDOERS=$(${SSHUTTLE_BIN} --sudoers-no-modify | /usr/bin/egrep "Cmnd_Alias|NOPASSWD")
SUDOERS+="\nCmnd_Alias DNSCACHE = /usr/bin/killall -HUP mDNSResponder"
SUDOERS+="\n${USER} ALL=(ALL) NOPASSWD: DNSCACHE"
echo "Will Whitelist sudo for user ${USER} running sshuttle"
# Yes, i know this can be potentially unsafe.
osascript <<-EOF
do shell script "echo \"${SUDOERS}\" > /etc/sudoers.d/sshuttle && chown root:wheel /etc/sudoers.d/sshuttle && chmod 0440 /etc/sudoers.d/sshuttle" with prompt "Whitelist sudo for user ${USER} running sshuttle" with administrator privileges
EOF
;;
connect)
echo -n "Connecting to ${SSH_CONNECTION}..."
if pgrep -qf "${SSHUTTLE_CMD}"; then
echo "Already connected."
else
if [ -f /etc/sudoers.d/sshuttle ]; then
# Clear DNS cache before we connect.
/usr/bin/sudo /usr/bin/killall -HUP mDNSResponder
/usr/bin/osascript -e "do shell script \"nohup -- ${SSHUTTLE_CMD} > /dev/null 2>&1 &\""
sleep 1
until pgrep -qf "${SSHUTTLE_CMD}"; do echo -n "." && sleep 1; done
echo "Connected, Hooray!"
else
osascript -e "tell app \"System Events\" to display dialog \"You need to add sshuttle to sudoers\""
echo "You need to add sshuttle to sudoers"
fi
fi
;;
disconnect)
echo "Disconnecting sshuttle..."
/usr/bin/osascript -e "do shell script \"${SHUTTLE_KILL_CMD}\""
until ! pgrep -qf "${SSHUTTLE_CMD}"; do sleep 1; done
;;
esac
if [ "${BitBarDarkMode}" ]; then
# OSX has Dark Mode enabled.
color=white
else
# OSX does not have Dark Mode
color=black
fi
if pgrep -qf "${SSHUTTLE_CMD}"; then
echo -e "sshuttle ✔ | color=${color}"
else
echo -e "sshuttle ✘ | color=gray"
fi
echo "---"
if pgrep -qf "${SSHUTTLE_CMD}"; then
echo "Connected"
echo "$(pgrep -f "${SSHUTTLE_CMD}" | head -1 | xargs ps -o etime -p)"
echo "Disconnect | color=indianred bash=$0 param1=disconnect terminal=${DEBUG} refresh=true"
else
echo "Not connected"
echo "Connect | bash='$0' param1=connect terminal=${DEBUG} refresh=true"
echo "Sign SSH key | bash='$0' param1=sign terminal=${DEBUG} refresh=true color=pink"
echo "Add sshuttle to sudoers | bash='$0' param1=sudo terminal=${DEBUG} refresh=true color=pink"
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment