I have an entry in my .ssh/config file that looks like:
Host ip-172-16-*
ProxyCommand ssh jeff#jumpdev.example.org nc %h %p
User ubuntu
IdentityFile ~/.ssh/id_rsa_aws
StrictHostKeyChecking no
ForwardAgent yes
As most know this will allow me to run:
ssh ip-172-16-2-108.ec2.internal and I drop onto the private server, as the default user for Ubuntu EC2 instances - ubuntu. I'm looking to take some specific actions on create.
Ultimately what i am looking for is the same functionality with either scala-ssh, jassh or directly from jsch
I'm not asking for anyone to suggest a library, just how/if this functionality is supported. With jassh, i've attempted with the Proxy options with no luck.
Ultimately i could shell out directly to ssh, but even with ammonite, it won't load the config if using %('ssh, Symbol("ip-172-16-2-108.ec2.internal"). I thought that would use the base ssh, which would load the config and match, like bare ssh. I could also set up my config not to use nc
This does sound like i'm asking for a library, so if it gets closed, so be it, but i've tried 4 directly and none, seem to completely support .ssh/config
TIA,
Jeff
I know there are other answers, but I found that by switching from ProxyCommand to ProxyJump in my .ssh/config allowed ammonite to work perfectly. Also since all I need is a solution to this problem and am already using ammonite, it is a good match.
If others have other experiences, I think this is a good question to leave open, as we're talking about specific libraries which are all built off Jcsh.
FWIW, my .ssh/config now looks like:
Host ip-172-16-*
ProxyJump jeff#jumpdev.example.org
User ubuntu
IdentityFile ~/.ssh/id_rsa_aws
StrictHostKeyChecking no
ForwardAgent yes
Hope this helps someone.
Related
I have a Java Application that uses JPA on a file DB.
I want only one instance of my application running (Note that the DB gets locked to the first instance of the application).
How could I check if my DB is locked or not, and present a message to the user?
Telnet your DB with its ip and the port number.
Eclipse solve this solution with a .lock file. Other solution can be: try to use a port: bind to port 12345. If you can than you are the only one king of the hill if you can't, than maybe other are using that hill. Any other apps can.
The .lock file has many disadvantages too.
And the last and best solution is: do it with platform dependent at way at OS level via JNI, but require a lot of work and has disadvantages too.
I want to write 2 Device Communication Servers for use with OpenGTS (Enterprise). Devices are Teltonika FM4200 and WirlessLinks Piccolo STX. can u give me a some tutorial or something useful. I still don't have idea on it.
Instead of DCS you can use Traccar server which already supports FM4200, the second device might already be supported as well, I just need some message examples to verify that. Configuration file to integrate two systems can be found here.
I have two Play framework web applications running on my system on ports 9001 and 9002. I was wondering if there was any way I could retrieve which port they were running on from within my Java code.
Is this possible?
Yes. You can get the port like this:
int port = Integer.parseInt(Play.configuration.getProperty("http.port", 9000));
Of course, you have to import the class play.Play.
In Play 2.4.x:
Play.application().configuration().getString("http.port");
or simply:
System.getProperty("http.port");
This only works in production mode, when the http.port is set via the Java -D parameter.
Since the system does not let me comment yet, I'm forced to add my comment here.
The given answer by Carsten must be for play1, for play2 see Retrieving port number in Play Framework 2 app
I need to run a java application (not an applet or JNLP, but a full blown application in the JRE) and need some restrictions on:
File System - The app could only access 1 folder to read & write (this would be a fixed path for the app's reference like / )
Ports - The app could only access several local ports. (eg could only access port 8080 / 3306 only)
Is there a way to do this? I have searched through Java Security & Policies but came nothing close to a solution.
I am considering to write a container to run this app or changing / overriding the classes (in case of OpenJDK). Is this ok?
This is for an open source project that we are about to start, Appreciate some good advice from the wise StackExchange community.
regards
First and most basic, run the java application with a user who has the minimum permissions required for the app to do its work.
Secondly, set the java SecurityManager and configure it.
SJuan76 has the right answer here. The SecurityManager is the appropriate way to restrict files/directories a java app can access. This tutorial might be a good guide to setting that up.
You can restrict the ports your java app listens on. But restricting ports really requires an OS level firewall to be configured.
I'm currently writing a Java application to be used with a Windows-Machine authed with an ActiveDirectory. The application basically only needs to know the user's name and hostname. I know there are
System.getProperty("user.name")
and
java.net.InetAddress.getLocalHost().getHostName()
But I am not sure wether System.getProperty("user.name") will function correctly with the VM running on windows (I searched google and found a lot of threads saying it might not work with windows, as it might return something different, depending on the environment-variables
(and I am currently unable to test it [I'm running ubuntu and archLinux]).
So, I wondered if there is a better and more secure way to handle this and stumbled upon NTSystem .
But NTSystem does not seem to be available on Linux (which I use for developing), which - I think - is due to calling native windows code.
My question would hence be: "Is there a secure way to retrieve the logged in user's name in Windows and if yes - how would you accomplish that?"
user.name is inherently insecure because it can be overridden via -Duser.name=XYZ. This might be an issue for you, or it may not be
Obviously NTSystem won't work on Linux but you mention that you are writing a GUI to be run on Windows. Are you trying to validate the Windows user name of the user? You can do this via NTSystem embedded in the code which runs on the Windows client but not (of course) code which runs under the Linux OS.
Or are you trying to validate them on a Linux server? Perhaps you have a kerberos domain you could do this with? (i.e. if there is a kerberos domain, then you can have a secure, authenticated communication between client and server, ensuring that the client is who they say they are)
EDIT: I may be confused by the fact you are saying that you're writing a Java App "in Linux". I took this to mean a Linux server and Windows client - but possibly you just mean that you are using Lenux as your development environment? In this case, you might think of writing a pluggable identification layer which you can switch between using NTSystem on the Windows box and user.name for testing
Use JNA, com.sun.platform.jna.win32 has a number of methods to do this wrapping the Win32 API. Try Advapi32Util.getUserName or Kernel32Util.getUserNameEx.