kernel loading

ssh proxy

I have three machines: my laptop client, firewall ra, my final ssh destination
My laptop have to reach destination through firewall, since destination is behind firewall.
There are three ways to ssh to destination.

  1. Put everything into command line, without the config file:
ssh -o ProxyCommand="ssh -o UserKnownHostsFile=/fullpath/known_hosts -i /fullpath/RioAws1.pem rio@ -W" -o UserKnownHostsFile=/fullpath/known_hosts -i /fullpath/UbuntuMaxx.pem rio@

2. with config file, ProxyCommand, which looks cleaner:

$ ssh uByRaProxyJump
Host uByRaProxyCommand
	IdentityFile 12.pem
	HostName NoMatter
	User rio
	ProxyCommand ssh -F /fullpath/config -o UserKnownHostsFile=/fullpath/known_hosts ra -W
Host ra 
	Port 22
	User rio
	IdentityFile 54.pem
	UserKnownHostsFile known_hosts

3. with config file, ProxyJump, which look cleanest, by replacing ProxyCommand section with ProxyJump:

$ ssh uByRaProxyJump
Host uByRaProxyJump
	IdentityFile 12.pem
	Port 22
	User rio
	ProxyJump ra

ssh is doing the same thing with all three options. The firewall machine stores no credentials of the destination.

eval in bash

Sometimes there is an alternative to eval, sometimes not.
When there is an alternative: indirect expansion
eval echo \${$VARVAR} can be replaced by echo ${!VARVAR}

When there is no alternative, as far as I know:
To do quoting, escaping, redirection, piping after parameter expansion, as seen in the two cases below.
1. $ book=”\”This Book.pdf\”” ; eval rm $book
2. $CMD=”echo SeeingMeAlongMeansSuccess |cat” ; evalĀ $CMD
Without eval, we cannot prevent |cat from being passed to execve(2) system call, which is not what we want

Download has detailed demo and explanation.

Mount google drive on headless Ubuntu

On remote google side:
This application need to get permission from Google to access the Drive API (not to be confused with access to a certain user’s Drive)
In order to identify the application, I apply a ClientID, pretending I present this application, RioGdFuse, to Google.
Create OAuth2 credentials: ClientID and ClientSecret, for google to authenticate the application
Go to: with account as developer account
Enable Drive API: This is for the developer account RioWng
Go to:

On local, ubuntu side:
Install google-drive-ocamlfuse
add-apt-repository ppa:alessandro-strada/ppa; apt-get update
apt-get install google-drive-ocamlfuse
google-drive-ocamlfuse -headless -label dRioChn -id $ClientID -secret $ClientSecret
Get token:
$ google-drive-ocamlfuse -headless -label dRioCn -id $ClientID -secret $ClientSecret
RioCn is a label to identify the Dirve that will be accessed, like, when multiple Drive accessed
Replace ClientID ClientSecret with your strings.
This command prints a URL, which be pasted to browser. then sign in with the accessed Drive account, like RioCn, and get back verification code.
Basically this URL send the client ID to Google, and the verification code tells the application RioGdFuse is granted access to RioCn Drive.
This URL looks like… Verificaton code looks like 4/zgGst…
Config result and logs are in folder: ~/.gdfuse/dRioCn
Mount the drive:
$ google-drive-ocamlfuse -debug -label dRioChn /mnt/ebs/rio/proj/gdrive/mt
Try it out:
$ cd /mnt/ebs/rio/proj/gdrive/mt
$ ls this lists, e.g. Contact.xml, which was created 10 years ago on the Drive. see Screenshot

When mounting, google-drive-ocamlfuse doesn’t exit, therefore no message like “mount success”.
The meaning for error messages do not appear until operating the mount point, e.g. $ls mt
The API is very slow, in addition, it processes file one after another.
WSL1 doesn’t work as it doesn’t support FUSE