Skip to content

Open files with the bbedit cli-tool from the server.

Notifications You must be signed in to change notification settings

CiiDub/bbround-trippin

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 

Repository files navigation

BBRound Trippin’

Open files with the bbedit cli-tool from the server.

BBEdit is a stalwart commercial text editor for the Macintosh computer.

It offers a Command-line tool: bbedit. This script invokes it over SSH.

Use it in a very similar way as you would with local files:

  • Server_Prompt$ rtedit file.txt --> opens file.txt.

  • Server_Prompt$ rtedit . --> opens BBEdit’s sftp browser to the current directory.

  • Server_Prompt$ rtedit ~ --> opens BBEdit’s sftp browser to the home directory.

  • Server_Prompt$ rtedit /etc --> opens BBEdit’s sftp browser to the etc directory.

Including pipes and flags:

  • Server_Prompt$ man seq | col -b | rtedit --view-top -m "unix-man-page" --> Opens the manual for seq in BBedit with the language set to Unix man page and the window scrolled to the top.

Install and configure.

  1. Copy shell script rtedit to a server you can configure. If you rename the script bbedit the command will look exactly like their local version

  2. Place in a dir accessable by the users PATH. Such as /usr/local/bin.

  3. Make the script executable.

  4. Set env variable BB_user to your username on the client mac.

  5. Set env variable BB_host to the hostname of the client mac. -This is optional

Admissions, assumptions, concerns, and more configurations.

I am not a security expert, so weigh my advice and the use of this script accordingly. BBRound Trippin’ exploits remote access to the server and to your client.

There are a lot of scripts like this in forums on the internet, and probably more on GitHub as well. The truth is I worry a little bit about how people are using them and if they are putting enough effort in isolating the users credentials.

I’d like to offer a setup that is at least reasonable, if not diligent.

  • I’m assuming you have access to configure SSH on the server, and your client mac of course.

  • I’m not going to cover how to call back to your mac client from across the internet or navigate your local firewall, router, vpn etc.

  • I’m also betting you know a little about SSH key authentication.

  • Finally, you should be familiar with the command line, and setting env variables.

The breakdown.

  1. Your client computer is a mac (with BBEdit installed) opening an SSH session with a Unix style server.

  2. When you open a file withServer_Prompt$ rtedit file_name.txt the script sends a properly formatted command with parameters back to your mac via SSH.

  3. Now BBEdit opens file_name.txt via it’s own SSH (sftp) connections, leaving you with two mac to server connections; one from your terminal, the other from BBEdit.

It’s that second step 🤨; keep an eye on it.

Here is what the command would look like typed out manually:

Server_Prompt$ ssh userC@my_macintosh.local bbedit "sftp://userS@my_server.local"

Your mac is your safe place.

Try and configure as much as possible in your local SSH and shell environments. Even hardcoding your username can be avoided.

This primarily means setting BB_user and BB_host localling rather than on the server.

Your hostname/ip can be surmised on from your SSH connection, so BB_host is optional, even though I set it manually in all my examples.

First declare them locally:

~/.bash_profile

export BB_user="userC"
export BB_host="$(hostname)"

There are a number of ways to setup BB_host. On most macs “$(hostname)” will expand to something like my_macintosh.local. You can configure your hostname in the Sharing preference panel. This is great because it avoids using your mac’s ip, which is probably changing all the time.

You also might set a domain like back_to_me_domain.net if you want to point back at your mac from outside your network.

Send the variables to your SSH session:

You have to first configure the server. Add this line to your /etc/ssh/sshd_config on the server:

AcceptEnv BB_user BB_host

Lets setup a ~.ssh/config on your mac

Host the_server
	HostName my_server.local
	User userS
	SendEnv BB_user BB_host

Now when you ssh the_serverit will add BB_user and BB_host to that sessions environment.

An alternative to declaring BB_user and BB_host in your local environment.

OpenSSH added the configuration SetEnv in late 2018. You can check man ssh_config to see if your version supports it. It’s a better option as you can configure BBRound Trippn’ in ~.ssh/config on a host by host basis.

Host local_server
	HostName my_server.local
	User userS
	SetEnv BB_user=userC BB_host=my_macintosh.local
	SendEnv BB_user BB_host

Host remote_server
	HostName my_server.net
	User userRS
	SetEnv BB_user=userC BB_host=back_to_me_domain.net
	SendEnv BB_user BB_host

Authentication and the SSH Agent:

Don’t use a password, and have only one set of keys.

You should have an SSH key pair set up in order to login to your server.

You don’t want to make a set of keys on the server, but you have to make an SSH connection back to your mac. You can use Agent Forwarding to to safely pass your private key from your mac to your server and back to your mac.

Add your public key to ~/.ssh/authorized_keys

Set up your ~.ssh/config like so.

Host the_server
	HostName my_server.local
	User userS
	SetEnv BB_user=userC BB_host=my_macintosh.local
	SendEnv BB_user BB_host
	AddKeysToAgent yes
	IdentityFile ~/.ssh/<private_key>
	ForwardAgent yes

That’s it, everything should work and you haven’t hard coded any sensitive information about your mac on the server.

About

Open files with the bbedit cli-tool from the server.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages