PMISuite/BackTunnel
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add backtunnel-umount script, host key policy support, and extend TUI/CLI integration

Browse Source 
Introduce `backtunnel-umount` as a portable unmount helper, preferring `fusermount3`, `fusermount`, or `umount`. Add `BACKTUNNEL_HOSTKEY_POLICY` for configurable host key handling in `backtunnel-share` and `backtunnel-access`. Update TUIs for remote folder prompts and mount point handling. Enhance bash completion for TUI commands with directory suggestions. Revamp terminal selection logic in `backtunnel-open-term` to prioritize modern emulators like wezterm. Extend tests with scaffolds for host key policy and unmount behavior. Update README with new scripts, workflows, features, and troubleshooting tips.
This commit is contained in:
Matjaž Mozetič
2025-09-21 18:56:15 +02:00
parent 0e82955af5
commit ae8ab9a7e0
9 changed files with 344 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
scripts/backtunnel-access
View File

@@ -41,6 +41,13 @@ set -euo pipefail
PORT=2222
MOUNTPOINT="$HOME/remote-rssh"
# Host key checking policy: env BACKTUNNEL_HOSTKEY_POLICY = yes|no|ask|accept-new (default: accept-new)
HKP="${BACKTUNNEL_HOSTKEY_POLICY:-accept-new}"
case "$HKP" in
yes|no|ask|accept-new) ;;
*) HKP="accept-new" ;;
esac
usage() {
echo "Usage: $0 /path/to/folder from remoteuser:remotehost [-p PORT] [-m MOUNTPOINT]" >&2
exit 1
@@ -151,7 +158,7 @@ if [[ -f "$HOME/.ssh/id_ed25519_backtunnel" ]]; then
SFTP_ID_OPTS+=( -o IdentityFile="$HOME/.ssh/id_ed25519_backtunnel" -o IdentitiesOnly=yes )
fi
if ! ssh -o BatchMode=yes -o StrictHostKeyChecking=accept-new \
if ! ssh -o BatchMode=yes -o StrictHostKeyChecking="$HKP" \
-p "$PORT" "${SSH_IDENTITY_OPTS[@]}" "$REMOTE_USER@localhost" true 2>/dev/null; then cat >&2 <<EOF
⚠️ Passwordless auth not set for $REMOTE_USER@localhost:$PORT.
You can initialize a tunnel-only, SFTP-only key with:
@@ -164,14 +171,14 @@ fi
echo "Checking remote path visibility via SFTP ..."
# Purpose: quick sanity check that the target path is visible over SFTP before mounting.
if ! sftp -q -P "$PORT" -o StrictHostKeyChecking=accept-new "${SFTP_ID_OPTS[@]}" \
if ! sftp -q -P "$PORT" -o StrictHostKeyChecking="$HKP" "${SFTP_ID_OPTS[@]}" \
"$REMOTE_USER@localhost" <<< "ls -1 \"$FOLDER\"" >/dev/null 2>&1; then
echo "⚠️ Remote path '$FOLDER' not listable via SFTP. It may not exist or permissions deny access." >&2
echo " Proceeding to mount; sshfs may fail if the path is invalid." >&2
fi
# Build ssh command used by sshfs (adds keepalive/connect-timeout, identity if present).
SSH_CMD="ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new"
SSH_CMD="ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=$HKP"
# If identity options are present, append them to SSH_CMD
if [[ ${#SSH_IDENTITY_OPTS[@]} -gt 0 ]]; then
# Join array safely
@@ -190,4 +197,4 @@ sshfs \
-- "$REMOTE_USER@localhost:$FOLDER" "$MOUNTPOINT"
echo "✅ Mounted at: $MOUNTPOINT"
echo "To unmount: fusermount -u \"$MOUNTPOINT\" || fusermount3 -u \"$MOUNTPOINT\""
echo "To unmount: backtunnel-umount \"$MOUNTPOINT\""