Automatically connect to the VPN and log in to a server via a whitelisted server
Moneo is a remote company that helps startups turn their ideas into products. And because of security 101, our clients whitelisted one of our IP addresses for accessing their servers. That IP address belongs to one of our cloud servers (A), and we access that server via our VPN. So if our developers want to access one of our clients' servers, they need to connect to our VPN first, ssh to our cloud server (A), and then ssh again to the client's server. It's boring, and I forgot to open the VPN every single time.
Today I found some free time, and thanks to Tunnelblick's AppleScript support I automated that process.
SSH Config
Firstly, I need to add our cloud server (A) to my local config. moneo is our cloud server (A).
# .ssh/config
Host moneo
    HostName 10.10.10.10
    User emir
Now I can log in to moneo (A) with: ssh moneo
Secondly, I need to add our clients' servers to the config on moneo (A):
# .ssh/config
Host app1
    HostName 10.10.10.11
    Port 2223
    User moneo
Host app2
    HostName 10.10.10.11
    Port 2224
    User moneo
Now if I would like to connect to our clients' servers (app1 and app2) from my computer, all I need to do is:
ssh -t moneo ssh app1
The -t option forces a terminal for the command executed on the remote host, which the nested interactive ssh needs. In English, we say "connect to moneo and run ssh app1."
Bash Script
I would like to use something like this: moneo connect app1 (connect is responsible for opening the VPN connection with Tunnelblick).
I already know that I can manage Tunnelblick with AppleScript, and I can call my AppleScripts from bash like this:
osascript file.scpt
Or I can wrap the raw AppleScript in a here-document: <<EOD ... EOD. The last EOD, signalling the end of input, has to come at the first position in the line.
Create a new bash script named moneo:
#!/bin/bash
TYPE=$1
SERVER=$2

if [ "$TYPE" == "connect" ]
then
    # Connect the VPN and wait until Tunnelblick reports CONNECTED
    osascript <<EOD
    tell application "Tunnelblick"
        connect "MONEOVPN"
        get state of first configuration where name = "MONEOVPN"
        repeat until result = "CONNECTED"
            delay 1
            get state of first configuration where name = "MONEOVPN"
        end repeat
    end tell
EOD

    # Hop through moneo (A) to the client's server
    ssh -t moneo ssh "$SERVER"
fi
Make it executable: chmod 755 moneo
and move it: mv moneo /usr/local/bin/moneo
(Be sure /usr/local/bin is on your $PATH.)
Now I can use my brand new command:
moneo connect app1
It automatically connects to our VPN and logs in to my client's server via our server.
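The script above hands its second argument to a shell on moneo unchanged and loops forever if the VPN never reaches CONNECTED. A variant that validates the server alias and bounds the wait, as an added example (not the author's script); VPN_TIMEOUT and the function names are assumptions:

```shell
#!/bin/bash
# Added example, not the author's script. VPN_NAME and JUMP_HOST come from the
# post; VPN_TIMEOUT and the function names are assumptions.
VPN_NAME="MONEOVPN"
JUMP_HOST="moneo"
VPN_TIMEOUT="${VPN_TIMEOUT:-30}"   # seconds to wait for the VPN

# Accept only plain host aliases. "ssh moneo ssh X" hands X to a shell on the
# jump host, so shell metacharacters and a leading "-" are rejected.
valid_alias() {
  case "$1" in
    "" | -* | *[!A-Za-z0-9._-]*) return 1 ;;
  esac
  return 0
}

# Current Tunnelblick state for the configuration (macOS only).
vpn_state() {
  osascript -e "tell application \"Tunnelblick\" to get state of first configuration where name = \"$VPN_NAME\""
}

# Poll once per second; return 1 if CONNECTED is not reached in time.
wait_for_vpn() {
  waited=0
  until [ "$(vpn_state)" = "CONNECTED" ]; do
    [ "$waited" -lt "$VPN_TIMEOUT" ] || return 1
    sleep 1
    waited=$((waited + 1))
  done
  return 0
}

moneo_connect() {
  valid_alias "$1" || { echo "moneo: invalid server alias" >&2; return 2; }
  osascript -e "tell application \"Tunnelblick\" to connect \"$VPN_NAME\"" >/dev/null
  wait_for_vpn || { echo "moneo: VPN not up after ${VPN_TIMEOUT}s" >&2; return 1; }
  ssh -t "$JUMP_HOST" ssh "$1"
}

case "${1:-}" in
  connect) moneo_connect "${2:-}" ;;
  "") ;;   # no arguments: only define the functions (file can be sourced)
  *) echo "usage: moneo connect <server>" >&2; exit 64 ;;
esac
```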
If you have any questions, you can drop a comment, and you can always ping me on Twitter! Good luck!