Bryan Johnson
f58bcf711f
NEW lib/ssh-helper.sh implements the full SSH command surface: hosts/list show configured remote hosts add <alias> <user@host[:port]> register a new host remove <alias> remove + clean cred + socket pass <alias> set/update password (hidden interactive) setup <alias> open long-lived ControlMaster close <alias> close ControlMaster status [alias] show open masters + cred presence exec <alias> <command...> run command via master Architecture: • $LARRY_HOME/.ssh-hosts.tsv — alias \t user@host \t port (3-col) • $LARRY_HOME/.ssh-creds/<alias> — raw password, mode 0600 • $LARRY_HOME/.ssh-sockets/<alias>.sock — ControlMaster socket The password is read from disk by sshpass via -f (file argument), so it never lands in argv or environment. It is used ONCE to open the master; all subsequent execs multiplex through the socket with no auth. Daily- rotating passwords: just overwrite the cred file and re-run setup. SLASH COMMANDS wired in larry.sh REPL: /ssh-hosts /ssh-add /ssh-remove /ssh-pass /ssh-setup /ssh-close /ssh-status /ssh <alias> <cmd>. LARRY TOOLS exposed to the LLM: ssh_status — list aliases + open-master state ssh_exec — run command on remote via the master socket Both tool descriptions explicitly tell Larry the password is unreachable and to ask Bryan to run /ssh-setup if a master is closed. Tool inputs and outputs never contain the password. Output capped at max_lines (default 500) with a "[ssh_exec: exit rc=N]" footer. Bundle updated: MANIFEST + install-larry.sh both now include lib/ssh-helper.sh. Auto-update will pull it on next launch. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2 lines
6 B
Plaintext
2 lines
6 B
Plaintext
0.6.0
|