// it's simple to add one key but this helps when i'm on a machine w/ multiple authorized hosts
// use like `ssh-copy-id ww1.example.com` -- make sure you have `ssh-agent` running and have added keys w/ `ssh-add` (use `ssh-add -L` to check)
// got this from the OpenSSH in Ubuntu, don't have it on mac afaik?

#!/bin/sh

# Shell script to install your public key on a remote machine
# Takes the remote machine name as an argument.
# Obviously, the remote machine must accept password authentication,
# or one of the other keys in your ssh-agent, for this to work.

ID_FILE="${HOME}/.ssh/id_rsa.pub"

if [ "-i" = "$1" ]; then
  shift
  # check if we have 2 parameters left, if so the first is the new ID file
  if [ -n "$2" ]; then
    if expr "$1" : ".*\.pub" >/dev/null; then
      ID_FILE="$1"
    else
      ID_FILE="$1.pub"
    fi
    shift         # and this should leave $1 as the target name
  fi
else
  if [ x$SSH_AUTH_SOCK != x ] && ssh-add -L >/dev/null 2>&1; then
    GET_ID="$GET_ID ssh-add -L"
  fi
fi

if [ -z "`eval $GET_ID`" ] && [ -r "${ID_FILE}" ] ; then
  GET_ID="cat ${ID_FILE}"
fi

if [ -z "`eval $GET_ID`" ]; then
  echo "$0: ERROR: No identities found" >&2
  exit 1
fi

if [ "$#" -lt 1 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
  echo "Usage: $0 [-i [identity_file]] [user@]machine" >&2
  exit 1
fi

{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" || exit 1

cat <<EOF
Now try logging into the machine, with "ssh '$1'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

EOF

// This little gem enables me to execute commands on a group of systems
// just run this script and put whatever commands you want after it.. eg
// script.sh uname -a
// and it will execute 'uname -a' on all the listed hosts. make sure you setup
// ssh keys so you don't have to type in a bunch of passwords.

#!/bin/bash
HOSTLIST="web2 web3 web4 vm1 dev"
USER="mylogin"

for H in $HOSTLIST; do
        echo -n "$H: " && ssh $USER@$H $*
done  

Surfing the web with Safari (3.0.4) on Mac OS X 10.4 can be made a bit more private & secure by setting up a local SOCKS Proxy on an admin user account.
Use the following BASH command-line instructions at your own risk!

I. Setting up a local SOCKS proxy for Safari on a single admin user account

# first enable remote login on your admin user account: System Preferences > Sharing > Services > Remote Login

# test if remote login is enabled
sudo launchctl list | grep com.openssh.sshd                               # com.openssh.sshd
defaults read /System/Library/LaunchDaemons/ssh
netstat -an | awk '/\*\.22[[:space:]]+.*LISTEN$/ {print}'                 # tcp4 ... *.22 ... LISTEN
service --test-if-available ssh; echo $?                                  # 0
service --test-if-configured-on ssh; echo $?                              # 0

# test if sshd daemon supports tcp_wrappers
# cf. http://www.la-samhna.de/library/brutessh.html#5
otool -L /usr/sbin/sshd | grep libwrap                                      

# then make sure you are connected to the internet
ping -c 10 checkip.dyndns.org
curl -L -s --max-time 10 http://checkip.dyndns.org | grep -Eo -m 1 '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}'   


# then set up the local SOCKS Proxy
# cf. http://macapper.com/2007/05/22/advanced-os-x-secure-tunneling-via-ssh

#ssh -q -D 8080 -f -C -N -x $(whoami)@$(ipconfig getifaddr $(route -n get default | awk '/interface:/ { print $2 }') 2>/dev/null)
#ssh -v -D 8080 -f -C -N -x $(whoami)@$(ipconfig getifaddr $(route -n get default | awk '/interface:/ { print $2 }') 2>/dev/null) 

ssh -q -D 8080 -f -C -N -x $(whoami)@127.0.0.1     # cf. AllowUsers $(whoami)@127.0.0.1 below

# ... enter your user account login password


# SSH Without a Password
# http://www.csua.berkeley.edu/~ranga/notes/ssh_nopass.html
# http://homepage.mac.com/kelleherk/iblog/C1901548470/E20061128145420/index.html

# RSA
mkdir -p $HOME/.ssh
chmod -R 0700 $HOME/.ssh
ssh-keygen -t rsa -f $HOME/.ssh/id_rsa -P ''
cp -p $HOME/.ssh/id_rsa.pub $HOME/.ssh/authorized_keys2
chmod 0600 $HOME/.ssh/authorized_keys2
srm -v $HOME/.ssh/id_rsa.pub
#ls -ld $HOME/.ssh
#ls -l $HOME/.ssh/authorized_keys2

# encrypt the known_hosts file
ssh-keygen -H -f $HOME/.ssh/known_hosts 
srm -v $HOME/.ssh/known_hosts.old
chmod 0600 $HOME/.ssh/known_hosts


# securing SSH
# See:
# - man sshd_config
# - sudo nano /private/etc/sshd_config
# - http://switch.richard5.net/2006/09/24/securing-your-ssh-access/ 
# - http://www.mactech.com/articles/mactech/Vol.21/21.02/Security/index.html
# - Mac OS X Security Configuration Guides at http://www.apple.com/server/documentation/

sudo sh -c "
echo '
# added
Protocol 2
PermitRootLogin no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
PubkeyAuthentication yes
AuthorizedKeysFile $HOME/.ssh/authorized_keys2
#KeepAlive yes
MaxAuthTries 3
LoginGraceTime 40
LogLevel INFO     # QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG
#AllowUsers $(whoami)      # add more users if you like: ~  (in Terminal.app) or dscl . -list /Users
AllowUsers $(whoami)@127.0.0.1      # cf. ssh -q -D 8080 -f -C -N -x $(whoami)@127.0.0.1 above
#AllowUsers $(whoami)@$(ipconfig getifaddr $(route -n get default | awk '/interface:/ { print $2 }') 2>/dev/null)   # requires internet connection
#AllowGroups sshusersgroup     # cf. dscl . -list /Groups; groups
' >> /private/etc/sshd_config
"


# then open Safari ...

open -a Safari

# ... and go to:
# Safari > Preferences ... > Advanced > Proxies: Change Settings ... 
# > Select a proxy server to configure: SOCKS Proxy > SOCKS Proxy Server: 127.0.0.1 : 8080 > Apply Now


sudo reboot       # ... or just restart: System Preferences > Sharing > Services > Remote Login

ssh -q -D 8080 -f -C -N -x $(whoami)@127.0.0.1      # should now work without password; cf. man ssh_config for configuring SSH shortcuts


# check local SOCKS Proxy setup

scutil --proxy                   # SOCKSProxy : 127.0.0.1, SOCKSEnable : 1, SOCKSPort : 8080

sudo ln -s "/Applications/Utilities/Network Utility.app/Contents/Resources/stroke" /bin/portscan
portscan localhost 8000 8100     # Open TCP Port:  8080  http-alt

lsof -i :22 -P
lsof -i :8080 -P
lsof -i TCP -P
lsof -U -P             # list UNIX domain socket files
sudo lsof -U -P
netstat -n -f inet


#-------------------------- 


# now you can, for example, test if a website can discover your real internal IP address provided your computer
# is behind a DSL router and you have a firewall running (cf. http://textsnippets.com/posts/show/1267)
# cf. http://www.auditmypc.com/internal-ip.html

# first get your internal IP address
ipconfig getifaddr $(route -n get default | awk '/interface:/ { print $2 }')

# note: to run the 'real IP' test you first have to enable Plug-ins, Java & JavaScript in Safari
# Safari > Preferences ... > Security > Enable plug-ins & Enable Java & Enable JavaScript

open -a Safari http://www.auditmypc.com/software_audit.asp

II. Setting up a local SOCKS proxy for Safari using two different user accounts on the same computer

# The following BASH command-line instructions assume you have a regular user account 
# and an admin user account on the same computer!

# First, log in to the regular user account 
regular_user_name="$(whoami)"
regular_user_path="$HOME"
echo $regular_user_name $regular_user_path    

# note down the output from the echo command
# log out from the regular user account

# Then log in to the admin account for the following instructions!

# first make sure you are connected to the internet
ping -c 10 checkip.dyndns.org
curl -L -s --max-time 10 http://checkip.dyndns.org | grep -Eo -m 1 '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}'   

# get internal IP address & set regular user account information
regular_user_name="...insert information from regular user account above..."
regular_user_path="...insert information from regular user account above..."
internal_IP_address=$(ipconfig getifaddr $(route -n get default | awk '/interface:/ { print $2 }'))
echo $internal_IP_address $regular_user_name $regular_user_path

# enable remote login: System Preferences > Sharing > Services > Remote Login

# test if remote login is enabled
service --test-if-available ssh; echo $?               # 0
service --test-if-configured-on ssh; echo $?           # 0


# SSH Without a Password

# admin user account
# RSA
mkdir -p $HOME/.ssh
chmod -R 0700 $HOME/.ssh
ssh-keygen -t rsa -f $HOME/.ssh/id_rsa -P ''
cp -p $HOME/.ssh/id_rsa.pub $HOME/.ssh/authorized_keys2
chmod 0600 $HOME/.ssh/authorized_keys2
srm -v $HOME/.ssh/id_rsa.pub
ls -ld $HOME/.ssh
ls -l $HOME/.ssh

# regular user account
sudo mkdir -p $regular_user_path/.ssh
sudo chmod -R 0700 $regular_user_path/.ssh
sudo cp $HOME/.ssh/authorized_keys2 $regular_user_path/.ssh/authorized_keys2
#scp ~/.ssh/authorized_keys2 $regular_user_name@$internal_IP_address:~/.ssh/authorized_keys2
sudo chown -R $regular_user_name:$regular_user_name $regular_user_path/.ssh
sudo chmod 0600 $regular_user_path/.ssh/authorized_keys2
sudo ls -l $regular_user_path/.ssh
sudo ls -ld $regular_user_path/.ssh

# delete all files in ~/.ssh on both user accounts
#sudo find $regular_user_path/.ssh -type f -exec srm -fv "{}" \;
#find $HOME/.ssh -type f -exec srm -fv "{}" \;


# log in to regular user account via SSH
# enter admin account login password if prompted
ssh -i $HOME/.ssh/id_rsa $regular_user_name@$internal_IP_address     
exit

# encrypt the known_hosts file
ssh-keygen -H -f $HOME/.ssh/known_hosts       
srm -v $HOME/.ssh/known_hosts.old
chmod 0600 $HOME/.ssh/known_hosts

ssh -i $HOME/.ssh/id_rsa $regular_user_name@$internal_IP_address    # test
ls 
exit


# securing SSH
# man sshd_config
# sudo nano /private/etc/sshd_config

sudo sh -c "
echo '
# added
Protocol 2
PermitRootLogin no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
PubkeyAuthentication yes
#AuthorizedKeysFile $regular_user_path/.ssh/authorized_keys2
#KeepAlive yes
MaxAuthTries 3
#PermitUserEnvironment yes     # requires ~/.ssh/environment file; see man ssh and man sshd_config
LoginGraceTime 40
LogLevel INFO     # QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG
#AllowUsers $(whoami) $regular_user_name
AllowUsers $(whoami)@$internal_IP_address $regular_user_name@$internal_IP_address
' >> /private/etc/sshd_config
"


# set up the local SOCKS Proxy
# enter admin account login password if prompted
ssh -q -D 8080 -f -C -N -x $regular_user_name@$internal_IP_address    

open -a Safari

# Safari > Preferences ... > Advanced > Proxies: Change Settings ... 
# > Select a proxy server to configure: SOCKS Proxy > SOCKS Proxy Server: 127.0.0.1 : 8080 > Apply Now

# restart sshd: System Preferences > Sharing > Services > Remote Login

# check local SOCKS Proxy setup
scutil --proxy                    # SOCKSProxy : 127.0.0.1, SOCKSEnable : 1, SOCKSPort : 8080
portscan localhost 8000 8100      # Open TCP Port:  8080  http-alt

ssh -p 22 $regular_user_name@$internal_IP_address ls
ssh -l $regular_user_name $internal_IP_address 'echo hello world; whoami; hostname; logname'

# test privacy of internal IP address
open -a Safari http://www.auditmypc.com/software_audit.asp

Further information on SSH & Mac OS X:

- Getting started with SSH
- Remote Login With SSH
- SSH Without A Password
- Exit Your SSH Session Without Killing Your Job
- SSH on Mac OS X
- SSH
- ssh tunnelling
- ssh X forwarding debugging
- Tutorial: SSH To Alternate Ports and Enabling Multiple SSH Daemons
- Route All Your Internet Traffic Through a Proxy
- SSH Notes
- SSH Host Key Protection
- Setup the SSH server to use keys for authentication
- Auto-closing SSH tunnels
- SSH Tunnelling (Port Forwarding)
- Defending against brute force ssh attacks
- SSH + Screen = Easy Administration
- SSH SOCKS Proxy From Behind a Gateway
- nylon - flexible Unix proxy server with mirror mode; sudo port install nylon
- tsocks - transparent SOCKS proxying library; sudo port install tsocks

This command will create a dynamic forward from an SSH client to an SSH server. Basically what this does is allow you to use any local port (8080 in this example) as a proxy for any TCP application.

Feedback, suggestions and comments are all welcome!

# In the following example, we create a dynamic
# forward from port 8080 (client) to port 22 (host.net).

ssh -D 8080 username@host.net

# Now, we'll check out netstat to see what we
# have done.

netstat

# Active Internet connections (w/o servers)
# ...
# tcp 0 0 host.net:ssh client.com:60565 ESTABLISHED
# ...
#
# Awesome! Now we've got the connection. I'll add
# another post telling how to use this port as a
# socks proxy for any TCP application :)

I found it really difficult to get svn via svn+ssh geting to work because I made two erorrs:
I used not my main user. However, only the main user can get shell access necessary for svn via ssh.
I used a wrong path.

In order to get things going set up subversion following the usual directives in the knowledge base and then access your repository like this:
(OS X terminal here)

% svn co svn+ssh://mainuser@yourdomain.tld/home/mainuser/svn/repositoryname/

This should do the trick.

Remember not to use ssh and http(s) at the same time. It's either or.

To replace the normal text password login with ssh public/private key pair....

Generate a pair at home (creates RSA based key pair)

ssh-keygen -t rsa

Enter in a passphrase when it asks.

upload the .pub key to the server

sftp root@<server address>
lcd /home/<your login>/.ssh
put id_rsa.pub

Login to the server normally as root.
Goto the .ssh directory
Append the public key to the authorized_keys

ssh root@<server address>
cd .ssh
cat id_rsa.pub >> authorized_keys

Then check that /etc/ssh/sshd_config has...

RSAAuthentication yes
PubkeyAuthentication yes

... in it

Restart the ssh server

/etc/init.d/ssh reload

Logout.
Try logging in again as root and you should be prompted for passphrase to your ssh key.

Use

ssh -v root@<server address>

to diagnose problems

// ssh tunnel remote mysql to a local port (in this case, 3307)

ssh -2 -f -C -N user@servername.com -L 3307/127.0.0.1/3306

// requirements
// * server running mt-daapd/Firefly (alternative server for iTunes music sharing)
// * tunneleling & port-forwading via ssh
// * local bonjour/zeroconf broadcasting using Apple's mDNSProxyResponder
// based on info from
// for more: see Music Blackhole
// Jamie Wilkinson

ssh USER@SERVERNAME -N -f -L 3690:SERVERNAME:3689 && mDNSProxyResponderPosix 127.0.0.1 musicserver "My remote music server" _daap._tcp. 3689 &

// description of your code here

No forking in background and verbose

ssh -2 -v -c blowfish -C -N user@servername.textdrive.com -L 3370/127.0.0.1/3306



Forking in background

ssh -2 -f -c blowfish -C -N user@servername.textdrive.com -L 3370/127.0.0.1/3306

Connect to remote mysql server via ssh tunnel:

ssh -f -L 3306:127.0.0.1:3306 username@servername.com sleep 120

Should auto-disconnect when it’s no longer in use.

// What the title says :-)

cat .ssh/id_dsa.pub | ssh user@domain.tld 'cat >> .ssh/authorized_keys'

Common SSH commands for (dv) 2.0 - (dv) 3.0 Servers [ *'d items work on (ss) also ]

=========================================================================================|
This is a list of Common commands that can be run from root / SSH access.


I. Basic Commands

A. Retrieve Plesk Admin Password

cat /etc/psa/.psa.shadow

B. Change Directory (cd) *


cd /path/to/directory/

C. Listing Files/SubFolders (ls) *

ls -alh (files and subfolders listed with perms in human-readable sizes)

D. Checking Processes

ps -a top -c (process viewer - Ctrl+C to exit)

ps -auxf (process list)

E. Start/Stop Services

/etc/init.d/ start|stop|restart|status ("/etc/init.d/httpd stop" stops apache)

F. Check Bean Counters (hard and soft limits, failcounts, etc.)

cat /proc/user_beancounters




II. File System Commands (df & du are (dv)-only commands)

A. Check Total Disk Usage

df (gives physical disk usage report with % used)

B. List Files/Folders +Sizes (du)

du (lists all filesizes. takes a LONG time, dont run this)

1. du -sh * (lists all the subfolders/sizes in a dir)

C. Remove/Delete Files (rm /path/to/filename.htm) -DANGER- always verify *

1. rm -vf (force-deletes file. Dont run unless you know EXACTLY what you're doing)

2. rm -vrf (force deletes folder and all subfolders and files)

D. Copy Files (cp) *

cp filename.abc /new/path/filename.abc.123

E. Move Files (mv) *

mv filename.abc /new/path/filename.abc.123

F. Create Empty File (touch) *

touch filename.123



III. File Permissions and Ownership (dv)+(ss)

A. Change Permissions of files (chmod) *

chmod 000 filename.abc (defaults are usually 755 for folders, 644 for files)

1. Numbers correspond to users. 1st=Owner; 2nd=Group; 3rd=Other

(-rwxrwxwrx = 777, -rwxr-xr-x = 755, -rw-r--r-- = 644, etc.)

7 = Read + Write + Execute
6 = Read + Write
5 = Read + Execute
4 = Read
3 = Write + Execute
2 = Write
1 = Execute
0 = All access denied

B. Change Ownership of files (chmown) *

chown user:group filename.abc (you can see user and group w/ ls -alh)

Anytime a user creates a file, the Ownership of the file matches that user. In Plesk,
every domain that has hosting has a different user. So if you are copying files from
one domain to another, you must remember to change ownership.



IV. Checking Log Files (dv)

Log files can tell you alot about whats going on on a (dv). You can use the command:
'tail -n 100' before the logfile name to list the last 100 entries of the logfile.
Here are some of the most common:

A. Main Error Log

/var/log/messages

B. Apache Error Log

1. /var/log/httpd/error_log (main)

2. /home/httpd/vhosts/domain.com/statistics/logs/error_log (per-domain)
(May also be: /var/www/vhosts on newer dvs)

C. MySQL Logs

/var/log/mysqld.log

D. Mail Logs

/user/local/psa/var/log/maillog


**Common issues to look out for in log files**

-The main error log will not always give you all the information you want for a svc.
You may see alot of failed SSH and FTP connections, that is generally normal.

-Keep an eye out for MaxClients errors in the Apache logs if a customer is complaining
of Apache dying alot. You can check the internal KB for raising MaxClients settings.

-If a customer does not set up Log Rotation for a domain under Plesk, then Log Files
will build up and may take up alot of unneeded space. You can usually delete old log
files in Plesk, and change the Log Rotation to Daily instead of by size.

-MailLogs can show you if a customer is spamming, or if mail is coming in or out.

-MySQL Logs should be able to show you general MySQL errors such as bad connections,
or corrupted tables. Check the Int. KB for the 'myisamchk -r' repair table command.



V. Advanced Commands

A. Find. You can do alot with find. for now lets find all files over 10MB.

find . -size '+10000k' -exec ls -Shl {} ;

B. Grep. Another handy tool to get specific information

cat file | grep blah (only lists the information where the word blah is found)

C. Less/More

less filename.abc (displays the content of a file. arrows to scroll, 'q' to quit.)
more == same thing basically.

You can use the '| more' command to scroll through something page or line at a time.
'tail -n 1000 /var/log/httpd/error_log | more'

D. VI. Vi is a basic text editor. Careful what keys you hit while in vi.

vi /path/to/filename.abc

i = INSERT mode. Hit 'i' when you are ready to type in some junk.
leave INSERT mode by hitting the 'Esc' key.

:q = Quit without saving. (Make sure your not in INSERT mode)

:wq = Write file and Quit (Save).

// generates SSH DSA keys in ~/.ssh/

ssh-keygen -d

Quick syntax example for ssh tunelling.

ssh -l username -L 4444:alpha.hostname.com:80 dmz.hostname.com

I modified Pteron's muttrc file to use my local Maildir rather than login via IMAP.

This is A) Faster/better since it cuts out the bother of an imap connection to localhost and accesses your mail directly, B) It actually works (the imap method always failed on a segfault for me at least), C) You gotta like not having to store your username/password in the clear since there's no imap login to perform D) More responsive than webmail for quick email checks, and works even when webmail doesn't.

To use, change the realname line and save with filename ".muttrc"; upload this to your home directory, then login via ssh and type "mutt".

# For TextDrive accounts (running mutt on the server)

set mbox_type=Maildir
set folder="~/Maildir/"
set spoolfile="~/Maildir/"
set mask="!^\\.[^.]"
set record="+.Sent"
set postponed="+.Drafts"

set realname="Yourname"

mailboxes `\
echo -n "+ "; \
for file in ~/Maildir/.*; do \
  box=$(basename $file); \
  if [ ! $box = '.' -a ! $box = '..' -a ! $box = '.customflags' \
      -a ! $box = '.subscriptions' ]; then \
    echo -n "+$box "; \
  fi; \
done`

macro index c "?" "open a different folder"
macro pager c "?" "open a different folder"

set allow_8bit  # Don't do any Quoted-Printable encoding on 8-bit data!
set copy=yes    # Ask me if I want to save a copy of my outgoing messages.
set delete=yes
set noaskcc
set nomark_old
set reverse_alias
set reverse_name
set reply_to
set attribution="On %d, %n wrote:"
set envelope_from
set noconfirmappend
set print=ask-no
set print_cmd="echo Nix printi printi!"
set nosave_empty
set sort=threads
set read_inc=10
set write_inc=10
set noprompt_after
set status_format="%r %v [%?M?%M/?%m] %?n?%n new, ?%?p?%p postponed, ?%?t?%t +tagged, ?%?d?%d delet ed, ?(%h:%f) %?b?%b more to go.?%> %r"

#set alias_file="~/.aliases"
set quote_regexp="^([A-Za-z ]+>|[]>:|}-][]>:|}-]*)"
set include
set hdr_format="%4C %Z %{%b %d} %-15.15n (%4l) %s"
set nomove
set tilde
set noautoedit
set pager_context=1
set pager_stop
set pipe_decode
set postponed="+postponed"
set to_chars="b .c>"

set fast_reply

color header brightcyan black .
color header yellow black Subject:
color body brightyellow black [_a-z\.\$A-Z0-9-]+@[a-zA-Z0-9\./\-]+
color body yellow black (http|ftp)://[_a-zA-Z0-9\./~\-]+
color quoted green black
color signature brightblue black
color attachment yellow black
color tree red black
color indicator black cyan
color status yellow blue
color tilde blue black

bind pager 'w' previous-page
bind pager 'j' next-line
bind pager 'k' previous-line
bind index '#' tag-entry
bind index '{' previous-thread
bind index '}' next-thread

# Headers to ignore
ignore *
unignore date from to cc subject x-mailer resent-from reply-to

This isn't a brilliant script, but it sure can be a time saver. When I add a public key by hand I end up doing a lot more commands.

#!/bin/bash

## USAGE: add_to_server.sh remote_server

## This script will add your ssh dsa public key to remote_server's authorized_keys list, 
## assuming that everything is in it's default location

set -v                                 # verbose output
username="USERNAME"              # CHANGE ME!!!!
remote_server=$1              # assigns the first commandline argument to $remote_server


## Pipe the public key to ssh, then remotely touch the file to make sure it will be there, and concat to the end of it.
## Might work without the touch?
cat ~/.ssh/id_dsa.pub | ssh ${username}@${remote_server} "touch ~/.ssh/authorized_keys && cat - >> ~/.ssh/authorized_keys"

exit 0

Get TRAMP (Transparent Remote file Access, Multiple Protocol) :

http://savannah.gnu.org/projects/tramp/

Install it :

cd ~/.emacs.d/
tar -xvzf /your/download/folder/tramp-2.X.X.tar.gz
ln -s tramp-2.X.X tramp
cd tramp
./configure --with-contrib
make
sudo make install

Configure your emacs to use it :
1. Add the following in your .emacs

;; Remote file editing via ssh
(add-to-list 'load-path "~/.emacs.d/tramp/lisp/")
(require 'tramp)
(setq tramp-default-method "ssh")

2. Launch your emacs
3. C-x C-f /[email protected]:/path/to/file

Warning :
Seems it doesn't work if no password is required to login to host (using public key for example). But not sure at all...

Installing Subversion for local use is general an easy install, but allowing remote access to your svn repository over SSH can be problomatic dependent upon your OS and the means taken to install.

For Darwinports and Fink on OS X the install location has to be added to users $PATHs, but there are extra steps outlined here for use of the svn+ssh means of access:

http://subversion.tigris.org/faq.html#ssh-svnserve-location

A much easier alternate is to sym link the svn binaries to a place on the default PATH (used by the SSH login):

#For Darwinports
ln -s /opt/local/bin/sv* /usr/bin/

#For Fink
ln -s /sw/bin/sv* /usr/bin/

This links all the binaries at once.

If the repository is on a remote server and you have SSH access, then just set CVS_RSH and CVSROOT.

For example, in bash:

export CVS_RSH="ssh"
export CVSROOT=":ext:me@someserver:/path/to/repository"

In combination with ssh-agent, this works nicely.

Sometimes I am in bed and too lazy to get out to mute my G5. I can just grab my iBook, SSH into the G5 and run the following command:

osascript -e 'set volume output muted true'

brilliant!