Wednesday, January 22, 2014

Cygwin - Using alternate home root

Often, you wish to use an alternate home root in your Cygwin environment. In Cygwin Webpage, it provides the following in Example 3.11

mkpasswd -l -p "$(cygpath -H)" > /etc/passwd


-l means print local user account

-p "$(cygpath -H)" means set specific home path with cygpath command. cygpath convert Unix and Windows format path to Cygwin path (ie, /cygdrive/c/). cygpath -H means output current Home root for the current user.

To include domain users in the output, add -d switch

mkpasswd -d -l -p "$(cygpath -H)" > /etc/passwd


However, this method makes an assumption that you have write access to /etc/passwd. Normally, your system administrator does not give you write access to this file. In addition, the above command overwrite /etc/passwd which could be dangerous.

An alternative solution is to create a HOME user environmental variable in Windows.

When Cygwin start up, it checks for a HOME environmental variable in the system. If the variable is found, Cygwin will set user home path to the HOME environmental variable, else, it will default to system home root. This solution can be done by any user and less invasive

To use this solution, do the following

1. Open Environmental Variable dialog box

2. Create a HOME user environmental variable. Set the value to your desired home path

3. Apply the setting.

4. Restart your Cygwin shell and Cygwin should point your home root to your HOME environment variable. You can perform a echo $HOME or pwd to see the current setting

Tuesday, January 21, 2014

SSH - SSH Tunneling

SSH Tunneling are useful for the following scenario

1. Bypassing firewall to access certain prohibited Internet services
2. Poor man VPN

In a nutshell, SSH tunneling is forwarding a specific local port to port at a remote machine over a encrypted tunnel created by SSH protocol connection.

While there are GUI SSH clients that help to setup SSH tunnel (ie, PuTTY), below are some ssh command that will do the same

In general, the ssh tunnel command format is

ssh username@your_ssh_server -f -N -L local_port:remote_host:remote_port


-f means executes command at background
-N means do not execute a remote command
username@your_ssh_server means your ssh connection information
-L local_port:remote_host:remote_port means your binding port information

For example, if a firewall policy blocks Google access, you can try to bypass the firewall through a SSH tunnel as follows

ssh -f -N -L

The above command set up a ssh tunneling via that you have access. It forwards any request from localhost:12345 to through the ssh tunnel. So, when you type localhost:12345 at your favorite browser, it will fetch via the ssh tunnel.