Comments on: Use Your SSH Client To Help Prevent Stupid Mistakes https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/ Linux. GNU. Freedom. Tue, 31 Oct 2017 18:00:46 +0000 hourly 1 https://wordpress.org/?v=5.0-alpha-42199 By: foo https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115946 Sun, 11 Sep 2011 22:10:12 +0000 http://pthree.org/?p=2007#comment-115946 Probably you want this too:

http://packages.debian.org/sid/molly-guard

]]>
By: Paul Tansom https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115940 Wed, 07 Sep 2011 15:17:43 +0000 http://pthree.org/?p=2007#comment-115940 OK, after some experimentation I found I needed to use:

echo -e '33[31mPRODUCTION33[39m'

instead of the print command on my Ubuntu installs (Bash), but it seems there is little point using it anyway as it all happens in a flash before switching to screen/byobu so you barely see it!

Oh well, time to take a look at the PS1 option now I've started playing 🙂

]]>
By: Paul Tansom https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115939 Wed, 07 Sep 2011 13:44:22 +0000 http://pthree.org/?p=2007#comment-115939 I've used figlet to produce a large reminder of which machine I've logged into using the motd for some years, although that doesn't help much if you've left screen running! I'll have to take a closer look at this, although I do like the idea of the colour coded PS1 too. Time for a bit of playing I think 🙂

]]>
By: Aaron Toponce https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115938 Wed, 07 Sep 2011 13:37:54 +0000 http://pthree.org/?p=2007#comment-115938 It's not about colored PS1 versus non-colored PS1. My root ZSH prompt is red, and it doesn't matter how many times I login as root, I always know I'm root, because of the red prompt.

However, what your eyes get used to, and your mind starts blocking out, is information. Adding "production" or "root" text to your prompt starts getting ignored quickly. However, with using LocalCommand, you can create an alert that makes you immediately aware of where you are.

So, again, it's not about PS1 versus LocalCommand. It's about making the alert visible, and in your face, so you always know where you are.

]]>
By: Danilo https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115937 Wed, 07 Sep 2011 11:14:58 +0000 http://pthree.org/?p=2007#comment-115937 I'm also using $PS1 + colors. I even use them on my local machine, green means normal user and red means root. Red immediately catches your attention, so you won't forget that you're using root permissions. Could also be used on production machines.

The main benefit of this vs. LocalCommand is that with the latter option the warning only appears once and can't be seen anymore after issueing a few commands, while the $PS1 approach is always seen.

]]>
By: Jeremy https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115936 Wed, 07 Sep 2011 08:55:09 +0000 http://pthree.org/?p=2007#comment-115936 I would like to voice my support for colour–coded PS1 as well. All my local desktops use green, whereas servers use a combination of yellow or blue depending on where they are.

My brain is trained to know that "green is good, go ahead and apt-get install quake3", and "gold or blue, do you really want to type that quickly?".

]]>
By: grin https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115935 Wed, 07 Sep 2011 07:51:49 +0000 http://pthree.org/?p=2007#comment-115935 Actually PS1+color coding is good. Color coding is generally good because your eyes get used to it and it's immediately obvious that you see a different color. PS1 in /etc/profiles or .shellrc helps everyone who uses the machine to see the point, not just me.

]]>
By: Lonnie Olson https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115933 Tue, 06 Sep 2011 22:27:49 +0000 http://pthree.org/?p=2007#comment-115933 That is a really cool idea. I've never thought of anything useful to do with LocalCommand. Thanks.

My method to achieve that same goal of identifying the remote end very clearly is to use figlet (http://www.figlet.org/) to display a big banner of the hostname, and perhaps a (normal text) description of the machine. Then add that to the /etc/motd

]]>
By: Aaron Toponce https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115932 Tue, 06 Sep 2011 21:46:34 +0000 http://pthree.org/?p=2007#comment-115932 I'm familiar with $PS1. Sure, you can change your prompt to give you more information. However, with prompts, they quickly become backgrounded noise, and you no longer notice the information. Something like this is yet another way to grab your attention, and let you know where you are.

]]>
By: Volans https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115931 Tue, 06 Sep 2011 19:44:14 +0000 http://pthree.org/?p=2007#comment-115931 I'm using coloured PS1 on the remote hosts for some years now.

I think this approach is better because has the advantage that the prompt is always visible also after many screens of commands and that can be used for any user, regardless of their SSH client configuration.

Just configure it in one place (two to be precise, /etc/skel/.bashrc and /root/.bashrc, as well as the .bashrc of any existing user) and it's done.

]]>
By: Aaron Toponce https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115930 Tue, 06 Sep 2011 16:57:38 +0000 http://pthree.org/?p=2007#comment-115930 Just tried it. Doesn't work. As the manual states, LocalCommand does not have access to the session that ssh(1) spawned. I think this may be as good as it gets. Of course, you could add newlines, and other things to make it blatantly obvious that you're in a production machine.

]]>
By: Aaron Toponce https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115929 Tue, 06 Sep 2011 16:53:56 +0000 http://pthree.org/?p=2007#comment-115929 That's actually not a bad idea. But, I'm curious if $PS1 will carry through the connection. I'm not sure that it will, but it's worth a shot.

]]>
By: Christer Edwards https://pthree.org/2011/09/06/use-your-ssh-client-to-help-prevent-stupid-mistakes/#comment-115928 Tue, 06 Sep 2011 16:51:00 +0000 http://pthree.org/?p=2007#comment-115928 What about using the LocalCommand to export a variable, like maybe redefine $PS1 to use your color coding? That way it's always displayed.

]]>