Refactor to use .ssh/config and update port handling
- Modified code to utilize .ssh/config for SSH configurations instead of the treehouses sshtunnel command.
- Defined portArray as a string rather than an array.
- Created default port pairs for the reverse SSH tunnel.
- Implemented a function to convert the new portArray format ([port1]:[port2],[port3]:[port4]...) into an array of port numbers.
- Updated the code to use the new portArray and instance name to create specific configurations in .ssh/config.
hiroTochigi committed Jun 22, 2024
1 parent 0fe0ae2 commit d86a52b
Showing 3 changed files with 25 additions and 62 deletions.
56 changes: 6 additions & 50 deletions src/aws/dependencies/reverseShell.sh
Expand Up @@ -9,53 +9,18 @@ sshkey=`treehouses sshtunnel key name | cut -d ' ' -f 5`
#luftballonHostPort=2222
#serverPort=22

function openNonDefaultSShtunnel(){
local instanceIp=$1
local configuredSshTunnelPortArray=("$2")
local defaultSshtunnelPortArray=($(getSshtunnelConfiguration | sed 's/\n//g'| sed 's/ /,/g' ))

for _sshtunnelPortSet in "${configuredSshTunnelPortArray[@]}"; do
if [ -z $(echo "$_sshtunnelPortSet" | grep "$defaultSshtunnelPortArray") ]
then
local sshtunnelPortSet=($(echo $_sshtunnelPortSet | sed 's/:/ /'))
local luftballonHosPport=${sshtunnelPortSet[0]}
local serverPort=${sshtunnelPortSet[1]}
treehouses sshtunnel add port actual "$serverPort" "$luftballonHosPport" root@"$instanceIp"
fi
done
}


function deleteUnusedSShtunnel(){
local instanceIp=$1
local configuredSshTunnelPortArray="$2"
local defaultSshtunnelPortArray=($(getSshtunnelConfiguration | sed 's/\n//g'| sed 's/ /,/g' ))

for _sshtunnelPortSet in "${defaultSshtunnelPortArray[@]}"; do
if [ -z $(echo "$configuredSshTunnelPortArray" | grep "$_sshtunnelPortSet") ]
then
local sshtunnelPortSet=($(echo $_sshtunnelPortSet | sed 's/:/ /'))
local luftballonHostPort=${sshtunnelPortSet[0]}
treehouses sshtunnel remove port $luftballonHostPort root@"$instanceIp"
fi
done
}


function addKeyFingerprintToKnownHost(){
local instanceIp=$1
ssh-keyscan -H $instanceIp | grep ecdsa-sha2-nistp256 >> /home/pi/.ssh/known_hosts
}

function openSSHTunnel(){
local instanceIp=$1
local serverPort=$2
local luftballonHostPort=$3
local monitorPort=$4
local sshtunnelPortArray=$luftballonHostPort:$serverPort
local instanceName=$1
local instanceIp=$2
local sshtunnelPortArray=$3
local monitorPort=2200

addKeyFingerprintToKnownHost $instanceIp
addKeyFingerprintToKnownHost luftballon
treehouses sshtunnel key name $sshkey
sleep 2

Expand All @@ -65,18 +30,9 @@ function openSSHTunnel(){
ssh -i /root/.ssh/$sshkey root@$instanceIp 'echo "GatewayPorts yes" >> /etc/ssh/sshd_config'
sleep 2

# Restart SSH service on the remote machine in a detached screen session
# Use `screen` to run the command in the background,
# ensuring it completes even if the SSH connection is lost.
# This is necessary to apply the changes made to the SSH configuration.
ssh -i /root/.ssh/$sshkey root@$instanceIp 'screen -m -d bash -c "service ssh restart"'
sleep 2

#treehouses sshtunnel add host "$monitorPort" root@"$instanceIp"
#deleteUnusedSShtunnel $instanceIp $sshtunnelPortArray
#openNonDefaultSShtunnel $instanceIp $sshtunnelPortArray
createSshConfig "myserver" $instanceIp "root" "22" "~/.ssh/id_rsa" "8888:80,9999:443,2222:22"
autossh -f -T -N -q -4 -M 2200 myserver


createSshConfig $instanceName $instanceIp "root" "22" "~/.ssh/id_rsa" $sshtunnelPortArray
autossh -f -T -N -q -4 -M $monitorPort $instanceName
}
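Review bot: openSSHTunnel now hard-codes `local monitorPort=2200` and hands it to `autossh -M` for every instance, while the same commit removes getNewPortinterval, which used to pick a monitor port not already in use, and the new signature is explicitly per-instance (`instanceName`). A second tunnel started from the same host will contend for the same local monitor port (autossh also uses the following port for its echo), and with `-q` the bind failure will be quiet. Keep it configurable with the old default, `local monitorPort=${4:-2200}`, and quote the expansions: `createSshConfig "$instanceName" "$instanceIp" "root" "22" "~/.ssh/id_rsa" "$sshtunnelPortArray"` / `autossh -f -T -N -q -4 -M "$monitorPort" "$instanceName"`. Note also that the setup steps above authenticate with `/root/.ssh/$sshkey` while the persistent config is written with `~/.ssh/id_rsa`; if those are different keys the autossh session will fail to authenticate, so worth confirming they are the same key. openSSHTunnel's body is split across two hunks here, and createSshConfig is defined outside this diff.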
16 changes: 16 additions & 0 deletions src/aws/dependencies/utilitiyFunction.sh
Expand Up @@ -26,4 +26,20 @@ setBalloonName() {
else
echo "$1"
fi
}

function makePortArray {
local portString="$1"
local -a portArray

IFS=',' read -ra pairs <<< "$portString"

for pair in "${pairs[@]}"; do
IFS=':' read -ra ports <<< "$pair"
for port in "${ports[@]}"; do
portArray+=("$port")
done
done

echo "${portArray[@]}"
}
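Review bot: makePortArray accepts any token between the separators — nothing checks that each element of `[port1]:[port2],...` is a number in 1–65535 — and its output is what createSecurityGroups in init.sh iterates over, so a typo such as `8080:80,abc` or an empty token would propagate into whatever that loop does with each port (presumably an ingress rule) instead of failing here. Validate as you go, before `portArray+=("$port")`: `[[ "$port" =~ ^[0-9]+$ ]] && (( port >= 1 && port <= 65535 )) || { printf 'makePortArray: bad port %q in %q\n' "$port" "$portString" >&2; return 1; }`. The function also flattens both halves of every pair, so callers receive ports from both ends of the reverse tunnel; I cannot tell from this diff which side is which, so a header comment stating the contract would help, e.g. `# Flattens "hostPort:targetPort,..." into a space-separated list of every port mentioned on either side; callers must decide which side they actually need.`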
15 changes: 3 additions & 12 deletions src/aws/init.sh
Expand Up @@ -40,15 +40,6 @@ function addUDPPort() {
--cidr 0.0.0.0/0
}

function getNewPortinterval {
local portinterval=$1
local portint_offset=0
while grep -qs -e "M $((portinterval - 1))" -e "M $portinterval" -e "M $((portinterval + 1))" /etc/tunnel; do
portinterval=$((portinterval + 1))
portint_offset=$((portint_offset + 1))
done
echo $portinterval
}

function createSecurityGroups(){
aws ec2 create-security-group \
Expand All @@ -57,10 +48,10 @@ function createSecurityGroups(){

if [ -z "$portConfigArray" ]
then
portConfigArray="22 2222 $(getNewPortinterval 2200)"
portConfigArray="8080:80,8443:443,2022:22"
fi

portArray=($portConfigArray)
portArray=($(makePortArray "$portString1"))

for i in "${portArray[@]}"
do
Expand Down Expand Up @@ -188,7 +179,7 @@ function init {
isOpen=$(waitForOutput "ssh-keyscan -H $publicIp | grep ecdsa-sha2-nistp256")
echo "Opened ssh tunnel"

openSSHTunnel $publicIp $portConfigArray
openSSHTunnel $instanceName $publicIp $portConfigArray

storeConfigIntoTreehousesConfigAsStringfiedJson $instanceName $keyName $instanceId $publicIp $groupName
}
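Review bot: `portArray=($(makePortArray "$portString1"))` on the new side of createSecurityGroups references `portString1`, which is not assigned anywhere in this file — the value defaulted two lines above is `portConfigArray`. Unless `portString1` is exported by a caller I cannot see, makePortArray receives an empty string, the `for i in "${portArray[@]}"` loop runs zero times and no ingress rules are created for the tunnel ports, so the reverse tunnel comes up unreachable (under `set -u` the script would abort instead). The fix is one line: `portArray=($(makePortArray "$portConfigArray"))`. Separately, the default `"8080:80,8443:443,2022:22"` names both ends of each pair, so all six ports end up in the loop; confirm that opening the Pi-side ports (80, 443, 22) in the instance's security group is intended rather than only the instance-side ones. createSecurityGroups and init both continue outside the visible hunks.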

0 comments on commit d86a52b
