Skip to main content.
June 12th, 2008

On the laptop side

You can probably figure out what you need to do on the laptop side by thinking about what we’ve done on the server side. We have the server checking for a signal (a new file deposited) by ftp and preparing to set up an ssh tunnel in response to the signal. On the laptop side, all we have to do is: (i) send the signal; (ii) wait for the tunnel to be established; (iii) set up the other side of the tunnel; and (iv) use our new tunnel.

So, here’s a script we can use to send the signal, wait for a reply indicating tunnel set up, and then establish our side of the tunnel:

#!/bin/sh

echo "Sending signal..."
touch sig
ftp -u ftp://USER:PASS@ftp.INTERMEDIARY.COM/public_ftp/ sig
echo "Waiting for reply..."
#loop here with sleep command to check for response q 4 seconds; he will check q 3 minutes
COUNTER=0
while [ $COUNTER -lt 90 ] && [ -z "`ftp -v ftp://USER:PASS@ftp.INTERMEDIARY.COM/public_ftp/reply|grep 226`" ]; do
  let COUNTER=COUNTER+1
  sleep 4
  done
if [ $COUNTER -lt 90 ]; then
  tunnelToInt.expect &
  #loop here with sleep command to check for tunnel up
  COUNTER=0
  while [ $COUNTER -lt 40 ]; do
    if [ -e 'tunnelToInt.pid' ] && [ ! -z "`ps -ax|grep -f tunnelToInt.pid`" ]; then
      break
    fi
    let COUNTER=COUNTER+1
    sleep 1
    done
  if [ ! $COUNTER -lt 40 ]; then
    echo "Couldn't bring up tunnel!"
    exit
  fi
  echo "Your tunnel is ready."
else
  echo "No reply received!"
  exit
fi

And this one also uses an expect script:

#!/usr/bin/expect -f

set timeout 20
set pid [spawn ssh -N -L2389:localhost:10000 USER@INTERMEDIARY.COM]
expect {
  "assword:" { send "PASS\r" }
  "(yes/no)? " { send "yes\r"; continue }  }
exec echo $pid >tunnelToInt.pid
set timeout -1
expect eof

That’s it. Now you have a tunnel from your local port 2389 to port 10000 on your intermediary and from port 10000 on your intermediary to port 22 on your work machine. Therefore, you can reach your work machine using secure shell, like so:

ssh -p2389 USER@localhost

Note that ssh thinks you are telnetting to port 2389 of the localhost, so you don’t need the “real” IP address of your work machine.

Posted by admin in Uncategorized

This entry was posted on Thursday, June 12th, 2008 at 4:19 pm and is filed under Uncategorized. You can follow any responses to this entry through the comments RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>