Bryan Johnson
f58bcf711f
NEW lib/ssh-helper.sh implements the full SSH command surface: hosts/list show configured remote hosts add <alias> <user@host[:port]> register a new host remove <alias> remove + clean cred + socket pass <alias> set/update password (hidden interactive) setup <alias> open long-lived ControlMaster close <alias> close ControlMaster status [alias] show open masters + cred presence exec <alias> <command...> run command via master Architecture: • $LARRY_HOME/.ssh-hosts.tsv — alias \t user@host \t port (3-col) • $LARRY_HOME/.ssh-creds/<alias> — raw password, mode 0600 • $LARRY_HOME/.ssh-sockets/<alias>.sock — ControlMaster socket The password is read from disk by sshpass via -f (file argument), so it never lands in argv or environment. It is used ONCE to open the master; all subsequent execs multiplex through the socket with no auth. Daily- rotating passwords: just overwrite the cred file and re-run setup. SLASH COMMANDS wired in larry.sh REPL: /ssh-hosts /ssh-add /ssh-remove /ssh-pass /ssh-setup /ssh-close /ssh-status /ssh <alias> <cmd>. LARRY TOOLS exposed to the LLM: ssh_status — list aliases + open-master state ssh_exec — run command on remote via the master socket Both tool descriptions explicitly tell Larry the password is unreachable and to ask Bryan to run /ssh-setup if a master is closed. Tool inputs and outputs never contain the password. Output capped at max_lines (default 500) with a "[ssh_exec: exit rc=N]" footer. Bundle updated: MANIFEST + install-larry.sh both now include lib/ssh-helper.sh. Auto-update will pull it on next launch. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
66 lines
1.3 KiB
Plaintext
66 lines
1.3 KiB
Plaintext
# larry-anywhere update manifest
|
|
# Format: one path per line, relative to the bundle root.
|
|
# Lines starting with '#' and blank lines are ignored.
|
|
# Every file listed here is auto-synced by larry.sh's self_update() each time
|
|
# the running larry.sh version changes (and on first launch of a new version).
|
|
#
|
|
# To add a new file to the auto-sync set: list it here and bump VERSION.
|
|
|
|
# Top-level scripts
|
|
larry.sh
|
|
larry-tunnel.sh
|
|
larry-auth.sh
|
|
larry-rollback.sh
|
|
install-larry.sh
|
|
|
|
# Metadata
|
|
VERSION
|
|
MANUAL.md
|
|
|
|
# Agent personas (system-prompt overlays)
|
|
agents/larry.md
|
|
agents/clover.md
|
|
agents/cloverleaf-cheatsheet.md
|
|
agents/regress.md
|
|
|
|
# Auth implementation
|
|
lib/oauth.sh
|
|
|
|
# Secure SSH with ControlMaster (password hidden from Larry-the-LLM)
|
|
lib/ssh-helper.sh
|
|
|
|
# Logging / capture
|
|
lib/lessons.sh
|
|
lib/journal.sh
|
|
|
|
# HL7 utilities
|
|
lib/hl7-sanitize.sh
|
|
lib/hl7-desanitize.sh
|
|
lib/hl7-diff.sh
|
|
lib/hl7-field.sh
|
|
|
|
# Generic helpers
|
|
lib/each.sh
|
|
lib/each-site.sh
|
|
lib/len2nl.sh
|
|
lib/csv-to-table.sh
|
|
lib/table-to-csv.sh
|
|
|
|
# NetConfig tooling
|
|
lib/nc-engine.sh
|
|
lib/nc-status.sh
|
|
lib/nc-table.sh
|
|
lib/nc-xlate.sh
|
|
lib/nc-smat-diff.sh
|
|
lib/nc-create-thread.sh
|
|
lib/nc-tclgen.sh
|
|
lib/nc-parse.sh
|
|
lib/nc-inbound.sh
|
|
lib/nc-make-jump.sh
|
|
lib/nc-msgs.sh
|
|
lib/nc-document.sh
|
|
lib/nc-diff-interface.sh
|
|
lib/nc-find.sh
|
|
lib/nc-insert-protocol.sh
|
|
lib/nc-regression.sh
|