bin/tt.sh: Main Bash script that builds a multi-hop SSH tunnel using a generated, temporary SSH config.example-tt-chain.conf: Sample config showingLOCAL_PORT,REMOTE_HOST,REMOTE_PORT, andHOST_CHAIN.README.mdandLICENSE: Usage overview and license.
- Run locally:
task run CONFIG=./example-tt-chain.conf- Starts a local forward from
LOCAL_PORTtoREMOTE_HOST:REMOTE_PORTthrough theHOST_CHAIN.
- Starts a local forward from
- Lint:
task lint- Runs
shellcheckonbin/tt.sh(override withSHELLCHECK=/path/to/shellcheck).
- Runs
- Format:
task format- Uses
shfmt -wfor consistent Bash formatting. Note: Install Task from https://taskfile.dev/#/installation.
- Uses
- Language: Bash with
set -euo pipefailfor safety. - Indentation: 2 spaces; avoid tabs.
- Naming: Prefer lowercase, hyphen-separated file names (e.g.,
tt.sh), and uppercase for exported config vars (e.g.,LOCAL_PORT). - Config files:
.confBash-compatible files that can besourced; keep simple key/value plus theHOST_CHAINarray.
- Smoke test: Use a safe target or dummy host and verify the printed SSH command without establishing a real connection (Ctrl+C to exit).
- Static checks:
bash -n bin/tt.sh(syntax),shellcheck bin/tt.sh(lint). - Optional dry-run:
ssh -Gcan help inspect computed SSH options for a hop if needed.
- Commit messages: Short, present-tense summaries (e.g., “Update README”, “Port forwarding update”). Keep under ~72 chars.
- PRs should include: clear description, rationale, sample config used, and relevant logs/output (redact hosts/keys). Link related issues.
- Scope changes narrowly; avoid bundling unrelated edits.
- Do not commit secrets or private keys. Reference keys from
~/.ssh/*.pemin config (seeexample-tt-chain.conf). - File permissions: private keys should be
0600. Keep configs outside version control if they include sensitive hosts. - Host verification: The tool disables strict host key checking in its temporary SSH config for ease of use. For stricter environments, review and adjust before use.