extern/sshuttle
1
1
Fork 0
mirror of https://github.com/sshuttle/sshuttle.git synced 2025-06-16 23:06:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

Make password prompting more clear.

Browse Source 
Based on suggestions by Jason Grossman and Ed Maste on the mailing list.

We now add a [local su] prefix to the 'su' password prompt (by cheating and
printing it before calling su), and we replace the 'sudo' password prompt
with '[local sudo] Password: ' (by using the little-known and
hopefully-portable -p option).

We no longer call sudo or su if the uid is already 0; otherwise the prefix
on the 'su' prompt would look weird, since su wouldn't ask for a password in
that case.

We don't add a prefix to the ssh password prompt, because it's too hard to
tell if there will *be* an ssh password prompt.  But people will probably
assume that the password request is for the server anyway; few people are
likely to think that 'sshuttle -r myhost.com' is going to prompt for the
*local* password.

Of course none of this is a problem on a modern OS, like Debian, that would
say something like "Password for apenwarr@myhost.com:" instead of just
"Password:".  MacOS doesn't do that, however, so I assume many other OSes
also don't.  Let's try to help them out.
This commit is contained in:
Avery Pennarun 2010-11-08 23:27:02 -08:00
parent fe742c928d
commit bcf1892305
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -54,8 +54,14 @@ This is how you use it:
- <tt>./sshuttle -r username@sshserver 0.0.0.0/0 -vv</tt> - <tt>./sshuttle -r username@sshserver 0.0.0.0/0 -vv</tt>
(You may be prompted for one or more passwords; first, the
local password to become root using either sudo or su, and
then the remote ssh password. Or you might have sudo and ssh set
up to not require passwords, in which case you won't be
prompted at all.)
That's it! Now your local machine can access the remote network as if you That's it! Now your local machine can access the remote network as if you
were right there! And if your "client" machine is a router, everyone on were right there. And if your "client" machine is a router, everyone on
your local network can make connections to your remote network. your local network can make connections to your remote network.
You don't need to install sshuttle on the remote server; You don't need to install sshuttle on the remote server;

6
client.py
View File

@ -31,7 +31,7 @@ class FirewallClient:
['-v'] * (helpers.verbose or 0) + ['-v'] * (helpers.verbose or 0) +
['--firewall', str(port)]) ['--firewall', str(port)])
argv_tries = [ argv_tries = [
['sudo'] + argvbase, ['sudo', '-p', '[local sudo] Password: '] + argvbase,
['su', '-c', ' '.join(argvbase)], ['su', '-c', ' '.join(argvbase)],
argvbase argvbase
] ]
@ -45,8 +45,12 @@ class FirewallClient:
# run in the child process # run in the child process
s2.close() s2.close()
e = None e = None
if os.getuid() == 0:
argv_tries = argv_tries[-1:] # last entry only
for argv in argv_tries: for argv in argv_tries:
try: try:
if argv[0] == 'su':
sys.stderr.write('[local su] ')
self.p = ssubprocess.Popen(argv, stdout=s1, preexec_fn=setup) self.p = ssubprocess.Popen(argv, stdout=s1, preexec_fn=setup)
e = None e = None
break break