ssh

VirtualBox Manager Pro – UI Updates and Stability

I have added a variety of user interface updates to the pro version. In addition to the toast popups, actual notifications add a sense of feedback and depth to the program. I want the program to feel that it’s actually aware of what you are doing and processing interactions accordingly. I feel with recent enhancements this is becoming more and more the case.

I have fixed a couple of potential situations where an I/O exception can occur. I have also added enhancements that clarify a particular action based on the current state of a setting. All in all, the depth and feedback offered by the application is improving.

Without substantial feedback/comments by actual users, I see very little confusion using the app and no bugs. Every action performs accordingly. The primary situation I think users may encounter is the inability to log in. In such a situation the connecting dialog will just continue to spin. VirtualBox Manager is designed for users to first log in to a host using password authentication. Therefore, for each host the first connection must be made to an ssh server with PasswordAuthentication set to yes in /etc/ssh/sshd_config. With the correct host/port/username/password set in the app, and port forwarding properly configured in the user’s router/network, a connection will occur. The user can then click the menu and select generate key, which generates a new 1024 bit DSA key. The user can view the private and public keys directly from buttons in the menu. There are strategic dialog boxes that state the user can then upload the key to the server, which automatically appends it to the bottom of ~/.ssh/authorized_keys2. Pressing upload automatically enables key login for the particular host. Enabling and disabling key login is done via the host’s configuration options accessible on the main screen.

There are many checks to prevent confusion. A user cannot enable key login unless there is a key. Keys cannot be displayed/uploaded before they are created, which would be an I/O exception. There is also a warning when a user tries to generate a key when a key already exists. This can cause a problem that will prevent other hosts from logging in: if the key changes, it will no longer match the public key stored on the host. A dialog will appear explaining that password login will be re-enabled for the host, and that when the key is uploaded password authentication will be used. If a new key is generated, the user must disable key authentication for other hosts configured in the app; once logged in to other hosts using password auth, the user can easily upload the new public key to the server, reestablishing key based authentication for the respective host.

After a public key is uploaded to the server, password authentication can be disabled. This substantially diminishes and practically eliminates the possibility of a brute force intrusion.
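A check for the hardening step described above, added here as an example and not code from VirtualBox Manager: it reads an sshd_config and an authorized_keys file and reports whether password login is really off and whether any DSA entries remain (OpenSSH 7.0 and later disable ssh-dss keys by default). The function names and sample file contents are constructed for illustration; on a live host, `sshd -T` prints the effective configuration directly.

```shell
#!/bin/sh
# Added example: offline audit of the server-side files the post relies on.

# Effective global value of an sshd_config keyword. sshd keeps the FIRST
# occurrence; keywords are case-insensitive. Stops at the first Match block
# and does not follow Include (assumption: a single flat config file).
sshd_effective() {  # usage: sshd_effective FILE KEYWORD DEFAULT
    awk -v want="$2" -v def="$3" '
        BEGIN { want = tolower(want) }
        { sub(/#.*/, ""); gsub(/=/, " ") }
        tolower($1) == "match" { exit }
        tolower($1) == want { print tolower($2); found = 1; exit }
        END { if (!found) print def }' "$1"
}

# Print "LINE:COMMENT" for each DSA entry in an authorized_keys file.
# Options may precede the key type, so scan every field.
dsa_entries() {  # usage: dsa_entries FILE
    awk '/^[ \t]*(#|$)/ { next }
        { for (i = 1; i < NF; i++)
            if ($i == "ssh-dss" && $(i + 1) ~ /^AAAAB3NzaC1kc3M/) {
                print NR ":" $(i + 2); break } }' "$1"
}

# Exit status 0 only when password logins are off and no DSA keys remain.
audit_host() {  # usage: audit_host SSHD_CONFIG AUTHORIZED_KEYS
    rc=0
    if [ "$(sshd_effective "$1" PasswordAuthentication yes)" != "no" ]; then
        echo "FAIL: PasswordAuthentication is not set to no"; rc=1
    fi
    dsa=$(dsa_entries "$2")
    if [ -n "$dsa" ]; then
        echo "FAIL: DSA key entries (line:comment): $dsa"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: key-only login, no DSA keys"
    return "$rc"
}

# Constructed sample: password login still on, one DSA key uploaded.
demo() {
    d=$(mktemp -d)
    printf '#PasswordAuthentication no\nPasswordAuthentication yes\n' > "$d/sshd_config"
    printf 'ssh-dss AAAAB3NzaC1kc3MCONSTRUCTED phone@droid\n' > "$d/authorized_keys2"
    audit_host "$d/sshd_config" "$d/authorized_keys2"; rc=$?
    rm -rf "$d"; return "$rc"
}
if [ "$#" -eq 2 ]; then audit_host "$1" "$2"; else demo || true; fi
```

Run it as `sh audit.sh /etc/ssh/sshd_config ~/.ssh/authorized_keys2` to check real files; with no arguments it runs the constructed sample.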

The pro version adds support for 20 hosts, and 20 machines per host. This is done using a ScrollView wrapped around each activity. It’s a logical addition. If users request support for more hosts it can easily be added.

I want to change the onCreate structure of each of the three activities. I want to initialize the buttons in a background thread. While the UI is fast and there is no visible delay, I would like to code the onCreates as such. Frankly, given the speed of recent phones I don’t think there will be any visible differences. Theoretically, on a slower processor the activity would display with no buttons, and then as the thread processes the views they will display on the screen one by one.

I will add some additional features in time, but until comments start rolling in a new project is in the works: Linux Manager Pro. I’ll post as it develops.

VirtualBox Manager – An Android IT Solution

Published late last night to the Android Marketplace, VirtualBox Manager is making nice progress. Yesterday I put substantial time and effort into the user interface, particularly the onscreen keyboards and password entry screen. When the main dialogs appear, prompting for user input, the keyboard views are automatically expanded. In the port dialog a telephone keyboard/numerical keyboard is shown. For the host dialog I will update the keyboard to be web based, with a .com button. The password dialog asterisks out user input, and only shows the last four of the currently set value. Oh, also the port dialog has a format check presenting a dialog if the data entered is not a number.

The header and background images have been updated. They are dynamic in that on different Android devices both will fit the screen. The host buttons begin immediately after the header image, and are dynamically created in the main method’s onCreate. Actually the only view in each of the three layouts is the header ImageView. Other than that, table rows and button views are dynamically populated, collapsed and expanded. I’ve tested different screen sizes in the emulator, and the header/background image and the buttons are dynamically fit to the size of the device screen. The very first thing the application does, on first run, is measure the screen. It happens to work very nicely overall.

Currently the application supports seven hosts. In the onCreate each button for the seven hosts is created and collapsed. When a new host is created the table row is inflated, making the view visible. Essentially the default state of all buttons and table rows is invalidated, and then when they are added by the user they are validated.

The delete host activity uses the validation state of the host buttons to populate the layout with views. Like the main activity, 7 table rows and buttons are created, and subsequently invalidated. Then the onCreate validates views based on the validation state of buttons in the main activity. The delete host activity is actually started with startActivityForResult. In the delete host activity the user can click the host button, as well as the delete button. If the user clicks the host button, finish() is called and upon return that host’s preferences menu is inflated. I thought it logical to do. The delete button calls finish(), passing back the array index of the host to be deleted. Deleting the bottom most host is easy, but deleting a host right smack in the middle of the list was a bit tricky because of the dynamic nature of the host buttons. Because all the buttons are built in the onCreate, when a user deletes a host in the middle of the list the hosts below the selection need to be shifted up to accommodate new hosts being at the bottom of the list. The code to delete a button in the middle of the list is easily twice as long as the code to delete the bottom most host.

Then of course there is Jsch; the meat and potatoes. Jsch is a Java based implementation of ssh. After several weeks of getting used to their code, implementation became rather straightforward. There is no documentation by the writer; examples and the source code itself are your only references. Ultimately the examples are useful, and when it came to some more complicated method calls the source code was also nice and neat. Overall I rate Jsch very high when it comes to the functionality of an API. Jsch is used by VirtualBox Manager to connect to the host. Upon connection it executes “VBoxManage list vms”. I then pipe the InputStream through a variety of methods, using traditional stdout manipulation binaries to format the data. Once formatted, the data populates strings. These strings serve as the title for the buttons in the Machines class as well as a means of identifying a particular virtual machine to control. VirtualBox Manager reads all the virtual machines in the user’s home directory. The way Linux runs, VirtualBox must be part of a particular user group to run. Typically all virtual machines are run as a particular user on a host, therefore logging in with ssh conveniently gives access, in all but unique/custom circumstances, to all the virtual machines on the host. While VirtualBox Manager will read all of the machines, it will only populate views with the first 7. I will be expanding the limit of hosts and machines in upcoming releases; this will be a straightforward code expansion. I will recode the main and machine activity to display a different index of various arrays created holding button views.

When a machine button is pressed a dialog opens with various options. These options are those of VBoxManage controlvm and VBoxManage start. It runs very quickly on Verizon, and all my hardware testing was done on a Droid Incredible.

As of now I know of one or two little bugs that I want to address. I will probably fix them tonight. I will make some upgrades here and there to version 1, but I will be enhancing the ui, and cleaning up the code when I release version 2, which will be a paid app; most likely 99 cents or so. I have many ideas for ui upgrades!

Ultimately, before releasing version 1 I was working heavily on RSA encrypted login. There is a lot of code in version 1 pertaining to this. 90% of the code is done, with a couple of bugs holding back release. If I can get the RSA login portion of the code working it will be released in an Enterprise level package that will be priced accordingly. As of now I see three versions of the app: the free version, an enhanced non commercial version, and a commercial version.

Jsch on Android

Jsch works on Android. With the only dependency, jzlib, satisfied, the Java based implementation of ssh is beginning to code relatively straightforwardly. After many days of trial and error, the correct syntax of the commands and the methods of particular classes are beginning to make sense. Password login is relatively straightforward, and with a little bit of encryption added to the internal storage location the password should be relatively secure on a mobile device. Ultimately the goal is to create an RSA key on the mobile device, connect initially with a password, and add the public key to the authorized keys file. Then the key on the device can bypass password login altogether.

Right now I have several ssh connections, running various commands, operating in background threads. I’m working on displaying progress bars to add a ui to the connection process. Ultimately the final ssh command will generate output to populate several views in a new activity.

Yes, it would be nice for Jsch to have more documentation, but compared to the size and dependency requirements of other Java based ssh packages I find the Jsch package well consolidated and not dependency heavy.

Jsch – Java Implementation of SSH

I’m using jsch in an Android application to execute a variety of commands on a host machine.

http://www.jcraft.com/jsch/

The commands will produce standard output, which will be captured by the mobile device and stored in a file. Jsch is relatively robust as compared to sshj. In either case importing the classes into an Eclipse project is rather straightforward; just make sure the folders in the jsch package are properly imported to a com.jcraft.* package. The default package will throw dependency errors, particularly with jzlib, which is required for ssh compression. Also provided is a Java based implementation of zlib, which imports to com.jcraft.jzlib.

http://www.jcraft.com/jzlib/

All in all, initialize a new jsch object and you’re ready to start coding your ssh protocol for your mobile device.

SSH – Gateway Ports and Forward Reverse Tunnels

SSH can create forward and reverse tunnels to transmit port data through the encrypted connection. You can create forward tunnels that link a local port of the client machine to a remote port on the server. You can create reverse tunnels that link remote ports of the server to local ports on the client. Forward tunnels are created using the -L option. Reverse tunnels are configured using the -R option. The forward and reverse tunnels work fine when working locally on the client machine, but if you want other hosts at the client location to connect to the tunnels you need to enable the gateway ports feature of ssh.

Gateway ports does not work with forward and reverse tunnels on Ubuntu 8.04, the long term support branch. The openssh version included in the repositories does not allow reverse tunnels and forward tunnels combined with the -g (gateway ports) option enabled. Forward tunnels do work with the gateway ports feature. Theoretically the option does try and work, but when you operate ssh using -vv you will see that during the connection process the reverse tunnel fails to create.
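One way to see what the gateway ports option changes, added here as an example that is not from the original post: classify a forwarded port from `ss -ltn` output as bound to loopback only or to all interfaces. Run the check on the machine that holds the listener (the client for -L, the server for -R); the hosts, ports and sample socket listing are constructed.

```shell
#!/bin/sh
# Added example. The forms described in the post (placeholder host/ports):
#   ssh -L 8080:localhost:80 user@server      local port 8080 -> server:80
#   ssh -g -L 8080:localhost:80 user@server   same, reachable by other hosts
#   ssh -R 9090:localhost:22 user@server      server port 9090 -> client:22

# Read `ss -ltn` output on stdin and report how PORT is bound:
#   loopback  only 127.0.0.0/8 or ::1 (other hosts cannot connect)
#   gateway   a wildcard or routable address (other hosts can connect)
#   absent    nothing is listening, e.g. the tunnel failed to create
forward_scope() {  # usage: ss -ltn | forward_scope PORT
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, part, ":")
            if (part[n] != port) next
            addr = substr($4, 1, length($4) - length(part[n]) - 1)
            if (addr ~ /^127\./ || addr == "[::1]") lo = 1; else wide = 1
        }
        END { print (wide ? "gateway" : (lo ? "loopback" : "absent")) }'
}

# Constructed listing: 8080 forwarded without -g, 8081 forwarded with -g.
sample_ss() {
    cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     127.0.0.1:8080      0.0.0.0:*
LISTEN  0       128     [::1]:8080          [::]:*
LISTEN  0       128     0.0.0.0:8081        0.0.0.0:*
LISTEN  0       128     [::]:8081           [::]:*
EOF
}

for p in 8080 8081 9090; do
    echo "$p: $(sample_ss | forward_scope "$p")"
done
```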

I think this is an old bug that may have been addressed. I do see posts about successes, therefore I’m inclined to think that new versions of openssh have addressed the bug.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=228064

Instead of installing a newer version of ssh I just implemented an alternative for hosts at the client location. I wanted to use a single computer as a gateway to ports located on a remote server. It would have been nice to consolidate all communications to a single ssh connection.

I ended up using http://haanstra.eu/putty/. Each workstation at the client location will establish a direct ssh connection, bypassing the gateway ports feature. There will be many ssh connections, but this is all behind the scenes stuff that the employees will never see, and it will provide the needed functionality.

SSH X Forwarding with Compression

If you plan to forward X applications via ssh, and are using a very slow internet connection, you should definitely use compression. The “-C” option will use compression and will substantially increase the data transfer rate on internet connections of 100 Kb/s or less. Also, with a VNC connection, if you are using xtightvncviewer you can effectively decrease the quality of the desktop, which proportionally increases performance. For more information about xtightvncviewer check here:

http://www.bgevolution.com/blog/vnc-compression-quality-the-works/

You’d be surprised at what you can get accomplished on slow internet connections using the tips above.
