https://rancher.com/ logo
Title
h

hundreds-crowd-93261

06/23/2022, 5:55 PM
does anyone know how to craft an SSH config using eg: proxycommand with limactl so that
ssh $lima_vm
works directly? I’ve got an ssh alias, which calls my ssh binary that handles setting TERMINFO on the remote end (for Kitty terminal) and id like to have that functionality, but it’s cumbersome to
eval "$(limactl show-ssh my-vm-name)"
f

fast-garage-66093

06/23/2022, 5:58 PM
idk, but why don't you define a shell alias or a small wrapper script?
h

hundreds-crowd-93261

06/23/2022, 6:00 PM
this is basically what you can leverage ssh proxycommand for, in many cases, and then lets you supply additional flags, etc.
i was gonna write a script but figured i would give this a shot, since ive done it before for other tools, but can’t figure it out this time 😅
f

fast-garage-66093

06/23/2022, 6:01 PM
Put a fixed port into your
lima.yaml
file and then copy the arguments for
show-ssh
into your proxy command?
h

hundreds-crowd-93261

06/23/2022, 6:11 PM
i don’t think the port is an issue
sh -c "$(/opt/homebrew/bin/limactl show-ssh docker)"
works in my shell, but this doesn’t: `~/.ssh/config`:
host docker
    ProxyCommand sh -c "$(/opt/homebrew/bin/limactl show-ssh %h)"
ssh -v docker
Pseudo-terminal will not be allocated because stdin is not a terminal.
-bash: line 1: $'SSH-2.0-OpenSSH_8.6\r': command not found
f

fast-garage-66093

06/23/2022, 6:19 PM
That's why I suggested a wrapper. I have a
bin/wrapper
directory at the very front of my
PATH
that modifies existing commands. A trivial example is always adding
--mmap
to the
ag
command:
#!/bin/bash
set - --mmap "$@"
exec $(type -a -P $(basename $BASH_SOURCE) | grep -v $BASH_SOURCE | head -1) "$@"
You could create a similar wrapper for
ssh
, add some heuristics to determine the host name your are connecting to, and if it matches your lima VM name, modify
$@
as necessary, or set additional environment variables or whatever.
Here is a
kubectl
wrapper that adds AWS secrets to the environment when the kubeconfig includes
aws
commands:
$ cat kubectl
#!/bin/bash

kubeconfig="${KUBECONFIG}"
if [ -z "${kubeconfig}" ]; then
    kubeconfig=$HOME/.kube/config
fi
if [ -r "${kubeconfig}" ]; then
    if grep -q "command: aws" "${kubeconfig}"; then
        export AWS_ACCESS_KEY_ID=$(kc-env get AWS_ACCESS_KEY_SPLATFORM)
        export AWS_SECRET_ACCESS_KEY=$(kc-env get AWS_SECRET_KEY_SPLATFORM)
    fi
fi

exec $(type -a -p $(basename $BASH_SOURCE) | grep -v $BASH_SOURCE | head -1) "$@"
It is a bit crude, but works for me because I typically don't have AWS clusters defined locally, so only need to inject credentials occasionally.
And I just notice that Rancher Desktop has broken this wrapper by adding itself to the front of my
PATH
. I should have used the "Manual" config option. 😄
$ type -a -p kubectl
/Users/jan/.rd/bin/kubectl
/Users/jan/Dropbox/bin/wrapper/kubectl
/usr/local/bin/kubectl
h

hundreds-crowd-93261

06/23/2022, 6:27 PM
i figured out what i needed
host docker
    ProxyCommand sh -c "$(limactl show-ssh %h) nc 127.0.0.1 22"
total hack though since i think this tunnels it twice
f

fast-garage-66093

06/23/2022, 6:30 PM
Yeah, but if it works... 🤷
h

hundreds-crowd-93261

06/23/2022, 6:31 PM
yet i still have issues with my terminfo 😡
ah nvm its sudo causing that issue
f

fast-garage-66093

06/23/2022, 6:33 PM
sudo
is the
root
cause 😄
🥁 1
🤦 1
h

hundreds-crowd-93261

06/23/2022, 8:57 PM
even simpler: Host docker
Host docker
    ProxyCommand limactl shell %h nc 127.0.0.1 22
and automagic:
# match lima VM names and use limactl to ssh to them
Match exec "limactl list -q | grep -q '%h'"
    ProxyCommand limactl shell %h nc 127.0.0.1 22