Apply jumphost's .bashrc to server during ssh from client?

0

With the following topology:

    +----------+   ssh -J   +--------+       +--------------+
    |clienthost| =========> |jumphost| ====> |restrictedhost|
    +----------+            +--------+       +--------------+
                            .bashrc  - - - - - > .bashrc

This successfully allows me to ssh into restrictedhost :

ssh -oProxyCommand="ssh -W %h:%p me@jumphost" me@restrictedhost

and results in an uncustomized bash shell:

Welcome to Ubuntu 14.04.2 LTS (GNU/Linux 3.13.0-45-generic x86_64)
Last login: Mon Nov 12 16:23:06 2018 from 10.250.20.3
me@restrictedhost:~$

What I want is to carry my dotfile from jumphost (not the client, that's more complicated) to restrictedhost so that, among other things, I get my personalized prompt:

bash Mon Nov 12  16:36:21 ~/ me@MacBook-Pro>

How can I apply jumphost:/tmp/.bashrc file to the shell at restrictedhost?

What I do know

  1. When there is no jumphost involved, this gives me my bash customizations:

    ssh me@unrestricted  "echo "$(cat ${HOME}/.bashrc | base64 -w 0)" | base64 --decode > /tmp/${USER}_bashrc; cd /tmp/; bash --rcfile /tmp/${USER}_bashrc"

  2. If I directly apply 1. to the jump, I get no command prompt (or other bash customizations) at all:

    ssh -oProxyCommand="sshpass -p Empty$paces ssh -W %h:%p devteam@man1-pqa" devteam@queue1-pqa "bash --rcfile /tmp/_bashrc"

Sridhar Sarnobat

Posted 2018-11-13T00:59:48.303

Reputation: 870

Cross-posted because the other one is getting downvoted and will probably get closed. – Sridhar Sarnobat – 2018-11-13T01:00:33.620

Answers

0

Escape pipes, redirects and semi colons

ssh -t me@jumphost "ssh -t  me@restrictedhost echo "$(~/.bashrc | base64 -w 0)" \| base64 --decode \> /tmp/my_bashrc \; bash --rcfile /tmp/my_bashrc"

Explanation:

  • you need to escape pipes, redirects and semicolons so that the jumphost doesn't interpret them. You want the restricted host to interpret them. The jumphost should pass everything verbatim.
  • you echo the local .bashrc contents on the restricted host, escaped as base64 so you don't have to deal with newlines (or any special characters). Thank goodness for base 64!
  • actually this copies the .bashrc file from the CLIENT, not the jumphost (which is even better).

sshpass

sshpass -p jumphostpas$word autossh -M0 -t jumphostusername@jumphostname "sshpass -p restrictedhostpas\\\$word autossh -M0 -t  restrictedhostusername@restrictedhostname echo "$(cat ~/.bashrc | base64 -w 0)" \| base64 \\\-\\\-decode \> /tmp/my_bashrc   \; bash \\\-\\\-rcfile /tmp/my_bashrc "

key binding (ZSH)

If you want to make this a ZSH key binding, do this:

bindkey -s "^[K" 'sshpass -p passwordjumphost autossh -M0 -t usernamejumphost@jumphostname "sshpass -p pas\\\\\\$wordrestrictedhost autossh -M0 -t  usernamerestrictedhost@restrictedhostname echo "$(cat ~/.bashrc | base64 -w 0)" \\| base64 \\\\\\-\\\\\\-decode \\> /tmp/my_bashrc   \\; bash \\\\\\-\\\\\\-rcfile /tmp/my_bashrc "'

Sridhar Sarnobat

Posted 2018-11-13T00:59:48.303

Reputation: 870

Asked: 2018-11-13T00:59:48.303

Viewed: 115 times

Active: 2018-11-16T20:12:10.907