I don’t know what’s more painful, constantly switching keyboards between machines and virtual machines, or trying to get work done over any kind of remote session. I’ve installed a golden VM on my desktop at the office under VirtualBox. It’s golden because it’s configured in a way that I don’t wish to repeat/re-learn/re-configure. I’m prototyping somethings there which will eventually need to be moved to a production box. So on occasion I find the need to remote log in to my virtual machine running in the office. That requires that I scale the office firewall using a special VPN, with extra secret sauce security, start a remote session on my desktop via the command line, log into the remote session, start the virtual machine from the cmd line using “VMManage” then finally log into the virtual machine. I’ve learned that using the VNC session tied to my idle desktop hardly works due to long standing bugs/issues in KRFB. Also, trying to Use a secondary VNC display (like :1 or something) and log directly into VirtualBox from that display works marginally well. I recently tried VitrualBox TerminalServices support which allows you to use a Microsoft Windows remote desktop client to access the virtual machine. The advantage here would seem that audio is forwarded to the client. After getting this working using more cmd-Fu I learned that the audio forwarding only works with a Windows guest machine. I’ll have to lose a week sometime in the future to learn how to setup esd under Linux to get forwarded audio. Other than that the terminal services client support works marginally well. My latest attempt was to use remote X11 forwarding. Launching Netbeans on a remote VM is slooow. It takes over a minute for the screen to respond to mouse clicks. Probably over three minutes! I’m not really timing, I just got impatient and started writing this post after waiting for the splash screen. I get best results working directly on the machine without the remote software in between. I probably could run the IDE outside on the host instead of the guest btu then I’d have to fight with the impossible configuration of shared folders. All I want to do is write a simple C++ program that uses an API installed on the guest! At this point I might as well have installed the OS directly on my host using a partition. I’m still thinking of going this route. Does you know of any shortcuts? Yes, you! Stop reading and give me an answer already!
Once upon a time I posted a hack-tip about getting the Flash plugin unblocked while your music player ran. The article was a gross restatement of an experience I had while learning BDD while listening to Wu-Tang. (In hind sight it would have been much simpler to just stop Amarok as it’s waay to difficult to hear rap music over top of tech jargon.) Fast forward several years and I find myself revisiting some of the same issues I spoke about back when. I tried to explain how Linux sound systems and audio processing worked. I was guessing at most of it and using my imagination tainted by my current experiences to draw a rough analogy. Today I’m beginning to get deep into audio signal processing/compression and so on and I sometimes need to work from home while much of my work is on the office Linux workstation. This presents some obvious challenges, the biggest one being playback of audio when programs run remotely. I’m posting today because I’m getting close to a possible solution that I haven’t found yet.
Let me describe a rather a-typical scenario so that you can appreciate how deep I’m getting into sound. You’re working from a MacbookPro, and you’ve logged into a remote Linux workstation using VNC. You need to test two mobile apps that stream sound from a remote service which you’ve prototyped on your Linux station. One app runs on Blackberry while the other runs on the iPhone. (I’m slightly over-complicating my typical situation but its not far from true.) One of the obvious challenges are getting audio from the Blackberry Simulator to play under Wine running on the Mac. I hit that snag about a month ago. The other big challenge is running test programs on the remote system that you would normally use its connected speakers to validate. Because you’ve logged in with VNC its easy to forget the disconnect or divide between you and what would be the audio output. (The speakers are happily blaring in the office while you sit miles away at home wondering why you can’t hear anything.)
Couple these challenges with the fact that you’re an AS/400 developer pretending to be a java guy that acts like he knows how to write J2ME and ObjC iPhone software all the while struggling to grok C/C++. Its not that you don’t know the C languages it’s just that you’ve spent most of your career avoiding it for the obvious complexity in favor of higher level languages like Python/Ruby/Groovy. Now all of the docs for these audio tools scream “./configure” this and “make” that while badgering you with “.o”, “.so” and/or “.a” dependencies that have been “make”-ed for completely opposite architecture. You need to learn the build tools of the arcane and use the language of the deceased to resurrect ideas that have been locked away in some deb repo for several years. Sounds a LOT like Linux, doesn’t it?
I wrote about SSH port forwarding a while ago but I don’t think y’all heard me. Listen up. (Place your ear within mere centimeters of your monitor if you will so that I can scream at’cha.) SECURE SHELL IS TEH BEST TOOL YOU’LL EVER USE IN YOUR ENGINEERING CAREER! I’m writing today because I was reminded from an incoming blog link about the power locked in this three letter acronym: S-S-H
By itself it doesn’t look interesting. However, if you take a minute to learn what it means, what it does, and what it can do then you’ll see why the above sentence is in all bold caps. It’s one of those things that people take for granite, like the extra buttons on your microwave. If you’re like me (and you must be or else you wouldn’t be reading) then you probably never use anything other than the “quick minute” and start buttons on the microwave. The meat/poultry, popcorn, and reheat buttons are just for show and whether they function or not is just a mystery. That’s how most people see ssh. But, but… when you learn what goes on under the acronym you start to look at those other people like fools that literally drive 747 Boeing’s to/from work and complain when they get stuck in rush hour traffic.
Let me stop right there. Have you ever had that experience before? Have you ever found out how to really use something like your TIVO or VCR, or maybe it was all the hidden features in your car like auto off lights, tire pressure monitor, and the multi-user programmable power seat adjustments. Have you later watched somebody with the same equipment literally ignore/abuse the features? Here’s the tricky part. These very same people will look at you cross eyed as you spend hours/days trying to figure out how/why feature “X” will/won’t work while they have found the shortest most abusive 30 second path to gratification. There is something to be said of folks from both camps but I’ll leave that for after post discussion if you feel like commenting. (I’m waay off topic.)
So far I’ve found at least 7-10 good uses for SSH ranging from X11 forwarding to remote port forwarding to transparent access to remote Linux-based file systems, and more. I’m certain there are many more that I haven’t found or stepped into on my way to the shed to pull out my trusty dusty mower. What way do you use SSH? Do you cut it with a 5th of gin? Have you tried it with hot sauce? Does it work well as an antacid? Maybe you’ve manage to repair that hole in your vinyl upholstery with it. Whether you’ve fixed a flat or refinanced your mortgage with it I’d love to hear your story.
If you want you can skip the beginning blurb and go right to the recipe.
Every so often you face a tough problem then someone sayz to yuh, “Cliff, have you tried ssh tunnels?” (well that’s what hey would say to you if you were me, and if you were me you would have a habit of making easy problems way tougher than they need to be while you make tough problems easy.) That’s what happened to me a loooong time ago… like around last month. The I was chattin’ with the VP of technology about all things Maven and mobile related explaining how clever we were with our solution to on device testing when he suggested we try ssh tunneling. I read an article that day and got excited because it looked soo easy. Then I made a promise to our mobile dev team that I would prototype it over the weeken. Then I quietly forgot about it. Today the question came up again and I was like, “Oh crap! I never did try prototyping a solution to that problem!” I gave it a good hour of effort before getting stuck. It’s really not that difficult, and after leaving for the day, coming home and attacking it fresh I found that I only had one minor problem… I didn’t read the docs completely. (That’s how it goes when I see something cool. I jump in head first and complain because I always miss something simple and fundamental.) Silly babbling aside I present you the how to on what to do to get to your CPU thru EC2…
(or any other public remote web host)
1 Remote server running a flavor of ssh. (In my example I assume openSSH as it’s prevalent across many Linux distros.)
1 local computer that you desire to access also running a flavor of ssh (I’m using OS X in my example.)
2 Eggs slightly beaten whites removed.
1. Combine one additional parameter with the default sshd_config file under our server’s /etc/ssh folder. Use vi, nano, kate, gedit or a fancy command like the following.
sudo echo ” GatewayPorts yes” >> /etc/ssh/sshd_config
[For best results supply password when using the above crazy command.] The parameter name is GatewayPorts and the value should be yes to allow clients other than the server itself to tunnel into your local machine.
2. Execute one sshd restart command to allow the new parameter to be considered on the server. Eg.
sudo /etc/sshd restart
3. Add -R [remote port]:localhost:[local port] to 1 1/2 cup of ssh command typing slow to avoid error. The remote port is the port number you wish to tunnel through on the remote machine while the local port is the port you want all traffic to be directed to on the local machine. Eg.
ssh me@myremotehost -R 80:localhost:9002
This can be used to forward all web server requests to a server app running on the crappy Compaq that you used to execute the ssh command.
That’s it! The net result would be a service running on your desktop/laptop/MacBook in your garage appearing as if was running on the public remote web host. So then you point your browser to http://myremotehost and your home equipment gets all the traffic. The secret is the “GatewayPorts yes” property that must be set in the remote host’s /etc/ssh/sshd_config file. That secret value bypasses all common sense security allowing anybody on the internet to peek into your home located machine and access the pictures of you and the kids looking burnt up at Daytona Beach, FL.
Now why would you want to do that? There are all sorts of possibilities that arise when you start playing with tunnels. First off, they run through the security of secure shell, a robust tool that I’ve only begun to understand the capabilities of. (It seems like ssh can do everything from being a secure channel, to enabling sFTP, to being a mountable file system allowing Windows explorer like file browsing, to recording those 10:30am episodes of Judge Judy while you’re at work. Yes, ssh can do that too.) Tunnels work both ways, remote forwarding and local forwarding. If you were behind a firewall that allowed connections to remote ssh hosts but blocked some other port/protocol you could sidestep by doing something similar to the above but substituting the ‘-R’ with a ‘-L’ for a local forward. Then all the traffic sent to the machine you run the ssh command from would be forwarded to the remote host. It’s so simple! Setting up a tunnel is a matter of specifying the port you want to forward from and the port you want to forward to! Use your imagination, and happy port forwarding!
I got a lot to say but no time to say it. For now just know that I’m back on Linux and fighting with audio incompatibility. It sux because most everything else works on my fresh new Mint Linux (that’s right I’m on Mint now, not Mepis, not Kubuntu…) install. For what it’s worth I think my answers may be here. If you have a Creative Sound Blaster X Fi card and are considering installing the latest version of Mepis, (K)Ubuntu, or Mint, look at this guide: http://ubuntuforums.org/showpost.php?p=4823915&postcount=675
There’s a blurb about SLAB vs. SLUB don’t ask me what it means just follow along. I’m going to try this myself in another day or so.