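#!/bin/sh
# Open an ssh tunnel for tunneling ssh traffic from an offsite Linux system.
#
# The script forwards a local loopback port (TUNNEL_PORT) through the login
# server (TUNNEL_HOST) to port 22 of the selected NX desktop server (NX_HOST).
# An NX client is then pointed at localhost:TUNNEL_PORT.
#
#@(#) nxtunnel
#-----------------------------------------------------------------------
# Version History
#-----------------------------------------------------------------------
# 1.003.00 2019/09/19 cuffe@jlab.org - RHEL7 migration, added fiefdoms
# 1.002.00 2013/09/10 cuffe@jlab.org - converted to use acclogin
# 1.001.00 2010/04/07 cuffe@jlab.org - initial revision
#-----------------------------------------------------------------------
# Debug variables
#-----------------------------------------------------------------------
# Print shell commands as they are executed
#set -x
# Run the script but do not actually execute any commands
#set -n
#-----------------------------------------------------------------------
# Configurable Variables
#-----------------------------------------------------------------------
# This will be the size of your remote desktop
# NOTE(review): GEOMETRY is not referenced anywhere else in this script.
#GEOMETRY="1024x768"
#GEOMETRY="80%"
GEOMETRY="1280x1024"
#-----------------------------------------------------------------------
# Global Variables
#-----------------------------------------------------------------------
# TUNNEL_HOST should be the login server
# NX_HOST should be the Accelerator system you are trying to log in to
TUNNEL_HOST=acclogin.jlab.org
TUNNEL_PORT=2222
NX_HOST=opsnx7.acc.jlab.org
#-----------------------------------------------------------------------
# Command Variables
#-----------------------------------------------------------------------
# command -v is the portable replacement for which(1); the resolved path
# is the binary that is checked below AND the one that is executed.
SSH=$(command -v ssh)
BIN_LIST="$SSH"
# Fiefdom List
FIEFDOM_LIST='CHL CSM DEV FEL ITF OPS SRF'
DEFAULT_FIEFDOM="OPS"
USERNAME="$USER"
#-----------------------------------------------------------------------
# Functions
#-----------------------------------------------------------------------
# Functions use the POSIX "name() {" form: the "function" keyword is a
# bash/ksh extension and fails under a strict /bin/sh such as dash.

# Print the help text to stdout.
usage() {
    echo "usage: $0 [fiefdom]"
    echo ""
    echo "This script is used to open a tunnel through the acc login server"
    echo "to one of the Linux Remote Desktop Servers running NX"
    echo "It was written for Linux and OSX"
    echo ""
    echo "It takes an optional fiefdom as an argument."
    echo "Valid fiefdoms are:"
    echo " $FIEFDOM_LIST"
    echo ""
    echo "Examples:"
    echo "$0"
    echo "$0 dev"
    echo "$0 chl"
    echo ""
}

# Exit with status 1 unless $1 is an existing, executable regular file.
checkfile() {
    if [ ! -f "$1" ]; then
        echo "Could not find file $1"
        echo "Please make sure it is installed and in your path"
        exit 1
    fi
    if [ ! -x "$1" ]; then
        echo "Could not execute file $1"
        exit 1
    fi
}

# Write $1 to stdout with lower-case letters converted to upper case.
to_upper() {
    printf '%s' "$1" | tr '[:lower:]' '[:upper:]'
}

# Return 0 when $1 (compared case-insensitively) is in FIEFDOM_LIST,
# 1 otherwise.
checkfiefdom() {
    CHECK=$(to_upper "$1")
    # FIEFDOM_LIST is deliberately unquoted: it is a space-separated list.
    for FIEF in $FIEFDOM_LIST; do
        if [ "$CHECK" = "$FIEF" ]; then
            return 0
        fi
    done
    return 1
}

# Prompt until a valid fiefdom is entered; an empty answer selects
# DEFAULT_FIEFDOM. The result is stored in FIEFDOM.
getfiefdom() {
    while :; do
        # The default is passed as an argument, never as the format string.
        printf 'Enter target fiefdom: [%s]' "$DEFAULT_FIEFDOM"
        read -r fiefdom
        if [ -z "$fiefdom" ]; then
            fiefdom=$DEFAULT_FIEFDOM
        fi
        if checkfiefdom "$fiefdom"; then
            break
        fi
        echo "$fiefdom is not a valid fiefdom."
        echo ""
        echo "Valid fiefdoms are:"
        echo "$FIEFDOM_LIST"
        echo ""
    done
    FIEFDOM=$fiefdom
    echo ""
}

# Prompt for the login name; an empty answer keeps the current USERNAME.
getuser() {
    printf 'Username: [%s]' "$USERNAME"
    read -r NEWUSERNAME
    if [ -n "$NEWUSERNAME" ]; then
        USERNAME=$NEWUSERNAME
    fi
    # The name becomes part of an ssh argument. Reject values that are
    # empty, contain whitespace, or start with "-", since the latter would
    # be parsed by ssh as an option instead of a destination.
    case "$USERNAME" in
        '' | -* | *[[:space:]]*)
            echo "Invalid username: '$USERNAME'"
            exit 1
            ;;
    esac
}

# Print the PIDs of the current user's ssh processes whose command line
# carries this script's forwarding spec (TUNNEL_PORT:NX_HOST:22).
# Matching on the command name and the literal spec avoids hitting the
# filter itself, unrelated ssh sessions, or other users' processes.
list_tunnel_pids() {
    ps -u "$(id -un)" -o pid= -o comm= -o args= |
        awk -v spec="${TUNNEL_PORT}:${NX_HOST}:22" \
            '$2 ~ /(^|\/)ssh$/ && index($0, spec) { print $1 }'
}
#-----------------------------------------------------------------------
# Process Options
#-----------------------------------------------------------------------
while getopts ":h" opt; do
    case $opt in
        h)
            usage
            exit 0
            ;;
        *)
            # With a leading ":" in the optstring, getopts sets opt to "?"
            # and puts the offending option letter in OPTARG.
            echo "Unknown Option: -$OPTARG"
            usage
            exit 1
            ;;
    esac
done
# The expression $((OPTIND - 1)) is an arithmetic expression equal to OPTIND minus 1.
# This value is used as the argument to shift. The result is that the correct number of
# arguments are shifted out of the way, leaving the "real" arguments as $1, $2, etc.
shift $((OPTIND - 1))
#-----------------------------------------------------------------------
# Data File Sanity Check
#-----------------------------------------------------------------------
# An empty lookup result would make the loop below run zero times and
# skip the check entirely, so it is tested explicitly first.
if [ -z "$SSH" ]; then
    echo "Could not find file ssh"
    echo "Please make sure it is installed and in your path"
    exit 1
fi
for BIN in $BIN_LIST; do
    checkfile "$BIN"
done
#-----------------------------------------------------------------------
# User Info
#-----------------------------------------------------------------------
getuser
#-----------------------------------------------------------------------
# Fiefdom Check
#-----------------------------------------------------------------------
if [ $# -lt 1 ]; then
    getfiefdom
else
    FIEFDOM=$1
    if ! checkfiefdom "$FIEFDOM"; then
        echo "$FIEFDOM is not a valid fiefdom."
        echo ""
        getfiefdom
    fi
fi
# Validation is case-insensitive, so normalise before selecting the host.
# Without this a mixed-case value such as "Dev" passes the check but
# matches no branch below and silently keeps the default NX_HOST.
FIEFDOM=$(to_upper "$FIEFDOM")
case "$FIEFDOM" in
    CHL)
        NX_HOST=chlnx7.acc.jlab.org
        ;;
    CSM)
        NX_HOST=csmnx7.acc.jlab.org
        ;;
    DEV)
        NX_HOST=devnx7.acc.jlab.org
        ;;
    FEL)
        NX_HOST=felnx7.acc.jlab.org
        ;;
    ITF)
        NX_HOST=itfnx7.acc.jlab.org
        ;;
    OPS)
        NX_HOST=opsnx7.acc.jlab.org
        ;;
    SRF)
        # NOTE(review): every other host follows the <fiefdom>nx7 pattern;
        # "srfx7" may be a typo for "srfnx7" - confirm before changing.
        NX_HOST=srfx7.acc.jlab.org
        ;;
    *)
        # Only reachable if FIEFDOM_LIST and this table drift apart.
        echo "No NX host is defined for fiefdom $FIEFDOM"
        exit 1
        ;;
esac
#-----------------------------------------------------------------------
# Open Tunnel and Desktop
#-----------------------------------------------------------------------
echo "FIEFDOM: $FIEFDOM"
echo "USER: $USERNAME"
echo "HOST: $TUNNEL_HOST"
echo "PORT: $TUNNEL_PORT"
echo "NX HOST: $NX_HOST"
echo ""
echo "Configure NX client to connect to localhost:$TUNNEL_PORT"
echo ""
# - The listener is bound to 127.0.0.1 explicitly so a "GatewayPorts yes"
#   in the user's ssh configuration cannot expose it on other interfaces.
#   Any local user can still reach the port; access to the NX host then
#   depends on that host's own ssh authentication.
# - ExitOnForwardFailure makes ssh fail instead of backgrounding without
#   a working forward (for example when TUNNEL_PORT is already in use).
# - NOTE(review): every fiefdom is reached through the same
#   localhost:TUNNEL_PORT, so a client that pins host keys per address
#   will presumably report a key change when the fiefdom changes; handle
#   that in the client configuration rather than by disabling host key
#   checking.
if ! "$SSH" -4 -f -N -C -o ExitOnForwardFailure=yes \
    -L "127.0.0.1:${TUNNEL_PORT}:${NX_HOST}:22" \
    "${USERNAME}@${TUNNEL_HOST}"; then
    echo "Could not open the tunnel to $NX_HOST through $TUNNEL_HOST"
    echo "Check your credentials and that local port $TUNNEL_PORT is free"
    exit 1
fi
#-----------------------------------------------------------------------
# Kill any left over tunnels
#-----------------------------------------------------------------------
echo ''
echo 'Waiting to cleanup and kill all tunnels'
echo 'Would you like to kill all tunnels now?'
read -r RESPONSE
case $RESPONSE in
    y* | Y*)
        echo ''
        for pid in $(list_tunnel_pids); do
            echo "Killing Tunnel with PID $pid"
            # SIGTERM lets ssh close the forward cleanly; SIGKILL is not
            # needed as a first resort.
            kill "$pid"
        done
        ;;
    *)
        echo "Please manually kill the following tunnels:"
        echo "ps -ef | grep ssh | grep $NX_HOST"
        ps -ef | grep ssh | grep -F -- "$NX_HOST"
        exit 0
        ;;
esac
exit 0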