Open files with the bbedit cli-tool from the server.

CiiDub/bbround-trippin

BBRound Trippin’

Open files with the bbedit cli-tool from the server.

BBEdit is a stalwart commercial text editor for the Macintosh computer.

It offers a Command-line tool: bbedit. This script invokes it over SSH.

Use it much the same way you would with local files:

  • Server_Prompt$ rtedit file.txt --> opens file.txt.

  • Server_Prompt$ rtedit . --> opens BBEdit’s sftp browser to the current directory.

  • Server_Prompt$ rtedit ~ --> opens BBEdit’s sftp browser to the home directory.

  • Server_Prompt$ rtedit /etc --> opens BBEdit’s sftp browser to the etc directory.

Including pipes and flags:

  • Server_Prompt$ man seq | col -b | rtedit --view-top -m unix-man-page --> opens the manual for seq in BBEdit with the language set to Unix man page and the window scrolled to the top.

Install and configure.

  1. Copy the shell script rtedit to a server you can configure. If you rename the script bbedit, the command will look exactly like the local version.

  2. Place it in a directory on the user’s PATH, such as /usr/local/bin.

  3. Make the script executable.

  4. Set env variable BB_USER to your username on the client mac.

  5. Set env variable BB_HOST to the hostname of the client mac. This is optional.

Admissions, assumptions, concerns, and more configurations.

I am not a security expert, so weigh my advice and the use of this script accordingly. BBRound Trippin’ exploits remote access to the server and to your client.

There are a lot of scripts like this in forums on the internet, and probably more on GitHub as well. The truth is I worry a little bit about how people are using them and whether they are putting enough effort into isolating the user’s credentials.

I’d like to offer a setup that is at least reasonable, if not diligent.

  • I’m assuming you have access to configure SSH on the server, and your client mac of course.

  • I’m not going to cover how to call back to your mac client from across the internet or navigate your local firewall, router, vpn etc.

  • I’m also betting you know a little about SSH key authentication.

  • Finally, you should be familiar with the command line, and setting env variables.

The breakdown.

  1. Your client computer is a mac (with BBEdit installed) opening an SSH session with a Unix style server.

  2. When you open a file with Server_Prompt$ rtedit file_name.txt the script sends a properly formatted command with parameters back to your mac via SSH.

  3. Now BBEdit opens file_name.txt via its own SSH (sftp) connection, leaving you with two mac-to-server connections: one from your terminal, the other from BBEdit.

It’s that second step 🤨; keep an eye on it.

Here is what the command would look like typed out manually:

Server_Prompt$ ssh userC@my_macintosh.local bbedit "sftp://userS@my_server.local"

Setting up your BB environment.

Here are a few options in setting up BB_USER and BB_HOST with various tradeoffs.

Declaring them on the server.

~/.bash_profile

# SSH environment
if [ "$SSH_CONNECTION" ]
then
  export BB_USER="userC"
  export BB_HOST="mymacurl.net" 
fi

Your mac is your safe place, maybe.

You can try and configure as much as possible in your local SSH config and shell environment. This will usually mean having control of the server outside your user environment, like say on your own vps.

This primarily means setting BB_USER and BB_HOST locally rather than on the server.

Your hostname/IP can be surmised from your SSH connection, so BB_HOST is optional, even though I set it manually in all my examples.
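How a script like this can resolve and check the call-back target before handing it to ssh, as an added example that is not the project's rtedit script: BB_HOST falls back to the client address in SSH_CONNECTION, and both values are validated because they arrive from the environment. The function names and the sample session values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the rtedit script: function names are hypothetical.

# A user or host must be non-empty, must not start with "-" (ssh would
# read it as an option), and may use only conservative characters.
bb_valid_user() { case "$1" in ''|-*|*[!A-Za-z0-9._-]*) return 1 ;; esac; }
bb_valid_host() { case "$1" in ''|-*|*[!A-Za-z0-9._:-]*) return 1 ;; esac; }

# BB_HOST is optional: fall back to the client address, the first field of
# SSH_CONNECTION ("client_ip client_port server_ip server_port").
bb_callback_host() {
  if [ -n "${BB_HOST:-}" ]; then
    printf '%s\n' "$BB_HOST"
  else
    _bb_conn=${SSH_CONNECTION:-}
    printf '%s\n' "${_bb_conn%% *}"
  fi
}

# Print "user@host" for the call back, or fail with a message on stderr.
bb_callback_target() {
  _bb_host=$(bb_callback_host)
  if ! bb_valid_user "${BB_USER:-}"; then
    echo "rtedit: BB_USER is unset or has unexpected characters" >&2
    return 1
  fi
  if ! bb_valid_host "$_bb_host"; then
    echo "rtedit: cannot determine a valid call-back host" >&2
    return 1
  fi
  printf '%s@%s\n' "$BB_USER" "$_bb_host"
}

# Constructed session values; in a real session sshd provides them.
BB_USER=userC
SSH_CONNECTION="192.0.2.10 51234 192.0.2.20 22"
# "--" ends option parsing, so the target is always taken as a destination.
echo "would run: ssh -- $(bb_callback_target) bbedit \"sftp://userS@my_server.local\""
```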

First declare them locally:

~/.bash_profile

# Here be rtedit variables for ssh connections
export BB_USER="userC"
export BB_HOST="$(hostname)"	

There are a number of ways to set up BB_HOST. On most macs “$(hostname)” will expand to something like my_macintosh.local. You can configure your hostname in the Sharing preference panel. This is great because it avoids using your mac’s IP, which is probably changing all the time.

You also might set a domain like back_to_me_domain.net if you want to point back at your mac from outside your network.

Send the variables to your SSH session:

You have to first configure the server. Add this line to your /etc/ssh/sshd_config on the server:

AcceptEnv BB_USER BB_HOST

Let’s set up a ~/.ssh/config on your mac:

Host the_server
  HostName my_server.local
  User userS
  SendEnv BB_USER BB_HOST

Now when you ssh the_server it will add BB_USER and BB_HOST to that session’s environment.

This does increase your server’s surface area for attack. I think this is reasonable as long as you are not leaving the door wide open and are declaring the specific variables you will allow. The upside is that you haven’t put any info about your Mac on the server. It lives and dies with that specific SSH connection. Tradeoffs, security is hard.

An alternative to declaring BB_USER and BB_HOST in your local environment.

OpenSSH added the configuration SetEnv in late 2018. You can check man ssh_config to see if your version supports it. It’s a better option as you can configure BBRound Trippin’ in ~/.ssh/config on a host-by-host basis.

Host local_server
  HostName my_server.local
  User userS
  SetEnv BB_USER=userC BB_HOST=my_macintosh.local
  SendEnv BB_USER BB_HOST

Host remote_server
  HostName my_server.net
  User userRS
  SetEnv BB_USER=userC BB_HOST=back_to_me_domain.net
  SendEnv BB_USER BB_HOST

Authentication and the SSH Agent:

Don’t use a password, and have only one set of keys.

You should have an SSH key pair set up in order to login to your server.

You don’t want to make a set of keys on the server, but you have to make an SSH connection back to your mac. You can use Agent Forwarding to safely pass your private key from your mac to your server and back to your mac.

Add your public key to ~/.ssh/authorized_keys

Set up your ~/.ssh/config like so.

Host the_server
  HostName my_server.local
  User userS
  SetEnv BB_USER=userC BB_HOST=my_macintosh.local
  SendEnv BB_USER BB_HOST
  AddKeysToAgent yes
  IdentityFile ~/.ssh/<private_key>
  ForwardAgent yes
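Two checks for the settings discussed above (the AcceptEnv line on the server and ForwardAgent in your ~/.ssh/config), as an added example that is not part of the project: the first lists wildcard AcceptEnv patterns, the second lists Host blocks that enable agent forwarding for more than one named host. While the session is open the server side can ask a forwarded agent to sign with your keys, so ForwardAgent belongs only in the block for the server you are working on. Function names and sample configs are constructed, and the parser assumes no Include or Match lines.

```shell
#!/bin/sh
# Added example: function names and sample configs are constructed.
# Assumes "Keyword value" or "Keyword=value" lines, no Include or Match.

# sshd_config: print AcceptEnv patterns that use a wildcard (* or ?).
audit_accept_env() {
  awk '{ sub(/[ \t]*=[ \t]*/, " ") }
       tolower($1) == "acceptenv" {
         for (i = 2; i <= NF; i++) if ($i ~ /[*?]/) print $i
       }' "$1"
}

# ssh_config: print the Host pattern list of every block that enables
# ForwardAgent for more than one named host.
audit_forward_agent() {
  awk 'BEGIN { scope = "*" }  # options before any Host line apply to all
       { sub(/[ \t]*=[ \t]*/, " ") }
       tolower($1) == "host" { $1 = ""; scope = substr($0, 2); next }
       tolower($1) == "forwardagent" && tolower($2) == "yes" {
         if (scope ~ /[*?]/) print scope
       }' "$1"
}

# Constructed sshd_config: a wildcard pattern beside the two named variables.
sample_sshd_config() {
  cat <<'EOF'
AcceptEnv LANG LC_*
AcceptEnv BB_USER BB_HOST
EOF
}

# Constructed ssh_config: a scoped block beside a too-broad one.
sample_ssh_config() {
  cat <<'EOF'
Host the_server
  HostName my_server.local
  ForwardAgent yes

Host *
  ForwardAgent yes
EOF
}

echo "wildcard AcceptEnv: $(sample_sshd_config | audit_accept_env -)"
echo "broad ForwardAgent: $(sample_ssh_config | audit_forward_agent -)"
```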

The other BB variable.

I added a variable called BB_SSH_HOST; it is optional. By default the script figures out the server_name@server_host string on the server. You use BB_SSH_HOST if you want BBEdit to use a specific SSH host to call back.

You might want to configure a host to use ssh multiplexing so that after you initially open a file, subsequent saves can be faster.

With a configuration something like this:

Host remote_server
  HostName my_server.net
  User userRS
  SetEnv BB_USER=userC BB_SSH_HOST=remote_server
  SendEnv BB_USER BB_SSH_HOST
  ControlPath ~/.ssh/control-socket-%C
  ControlMaster auto
  ControlPersist 5m
