2007-09-17

secure synergy

now my previous post about keyboard and mouse sharing over network, is incomplete. Being a bit paranoid I do not like my keyboard-events, my clipboard and other data to be passed juste clearly over the network, so I added an ssh-layer:


  • installed cygwin with openssh on the windows machine.

  • put the public ssh-key of my user on laptop into authorized_keys of desktop

  • on laptop: ssh desktopuser@desktop -L24801:localhost:24800

  • on laptop: synergyc localhost:24801



Now I can use this process (setting up ssh-tunnel, and running synergyc), so the configuration (at home, with desktop being iMac) can accept laptop, and without changes to the laptop, mouse of iMac might work too.

The phase of setting up the ssh-tunnel could try to discover what environment it is in (based upon ip-address received from dhcp-server, OR based upon successfull reaching that ssh-server):

I adapted the (in my earlier post introduced synergyc_start script into:
#!/bin/bash
while /bin/true; do
  for host in worklogin@desktop-work homeuser@imac-home; do
    ssh -L24801:localhost:24800 -f ${host} sleep 5;
    [ ${?} = 0 ] && synergyc --no-restart --no-daemon localhost:24801;
  done
done


So now that works fine, but hey, I don't want to add the root@laptop public-key to my authorized keys of my user@desktop.
I changed the script further, using a.o. screen to run programs (in background) but allowing later access to their console.
My new syntergyc_start has been extended to allow root-invocation, but root will execute the ssh-command as sudo -u user:
I also added an option so the command can be executed with argument screen to retrieve the screen on console. The screen is also used to check whether there's an existing command running already.

#!/bin/bash
# will start proxy-ssh-command in detached screen.

CLIENTNAME=laptopname;

if [ -z "${DISPLAY}" ]; then
  echo "no DISPLAY variable set" >&2;
  exit;
fi

if [ "$( id -n -u )" = "root" ]; then
  SUDO="sudo -u laptopuser ";
  screenname=root_synergy_proxy;
else
  SUDO="";
  screenname=user_synergy_proxy;
fi

case "$(hostname)" in
(${CLIENTNAME}|${CLIENTNAME}\.*)
  proxycommand="while /bin/true; do
    for host in DT1user@desktop1 DT2user@desktop2 DT3user@desktop3; do
      ${SUDO} ssh -L24801:localhost:24800 -f \${host} sleep 5;
      [ \${?} == 0 ] && synergyc --no-restart --no-daemon localhost:24801;
    done;
  done;";
;;
(*)
  # only allow invocation on configured machine.
  echo "this script should only run on ${CLIENTNAME}.">&2;
  exit;
;;
esac

#remove possible defunct screens
screen -wipe

#check for existing (running) screen
screen -list|grep -e '\<[0-9]\{1,\}\.'${screenname}'\>' >/dev/null 2>&1;

case "${?}" in
(0) # depending on existing screen, retrieve it (if requested)
    [ $# -eq 1 ] && [ "$1" = "screen" ] && screen -dr ${screenname};
    ;;
(*) # launch the screen instruction (with screen on console if requested)
    [ $# -eq 1 ] && [ "$1" = "screen" ] && resume="" || resume="-d -m";
    screen ${resume} -S ${screenname} bash -c "${proxycommand}"; 
    ;;
esac;

Labels: , , ,

posted by Dieter @ 15:21 1 comments

keyboard and mouse sharing over network

hmmm,

I'm having a laptop and a desktop, and I want both to be controllable by one set of keyboard+mouse. I discovered synergy (client existing for Microsoft Windows, linux, mac os x, ...(?)). You can find it at sourceforge if you don't find it with your distribution.
Now I configured my laptop to be client, my desktop to be server. The server accepting connection from my laptop.
Now I can access my laptop using the keyboard & mouse of my desktop for both.

Configuration of my windows (Server):

  • Start synergy (on windows machine)
  • select "share this computer's keyboard and mouse"
  • press "configure" (see image right).

  • press the + button in the screens-section (once for all machines you wish to configure, add the server like this AND all the clients.
  • in the "Links" section, configure where which display is "logically positioned", so when leaving the display (using the mouse-cursor) at one side, where should it enter (at what side).
    Also provide (if needed) a "return"-link:
    (DON'T THINK that if you configure to leave machine-A through your left-screen-side for the right-screen-side of machine-B, you'll automatically configure the right-side of machine-B to return to the left-side of machine-A, because you don't).

configuring the client:

  • Now you don't have to configure your client, only to launch it and tell it what server to connect. [code]synergyc server[/code] (see man synergyc for extra options).


Now having it working, I set the synergy software to launch automatically

Windows:

  • server to launch automatically (using the "autostart" button on the windows synergy application).


Linux (Ubuntu Feisty Fawn):
implementing suggestions on (amongst others Ubuntu-forums, I also launch synergyc automatically).

  • I created a script synergyc_start with the instructions to execute:
    #!/bin/sh
    synergyc servername
  • and added an invocation of that script in /etc/gdm/Init/Default, before the sysmodmap=-line.
  • and added another invocation of that script in /etc/gdm/PreSession/Default before the XSETROOT=-line.

Labels: , ,

posted by Dieter @ 14:38 0 comments