inicio mail me! sindicaci;ón

SSH Tunnel Manager

July 18, 2007 at 4:32 pm · Filed under oldbrew

After reading Gary Vaughan’s recent blog post on MacBook Installation Applications 101, i decided to check out one of the tools he mentioned called SSH Tunnel Manager.

SSH Tunnel Manager

SSH Tunnel manager is a rather nifty tool which allows you to manage a list of SSH tunnels, which basically securely forwards ports on your own machine to a remote one.

So for example, if i had an administration control panel running on my web server, i might want to make it so that i could only connect to it locally (so there would be practically no chance of anyone on the internet accessing it).
But i would still want to access it remotely, and the only way for me to do that is make an SSH tunnel which acts as if i am connecting locally on the machine, when in reality i am not.

Any would-be hacker would need to figure out the login details on my SSH server in order to have a chance of accessing the control panel.

Now whilst this app was great, i noticed something a bit disturbing about it. It turns out that its been quite a while since it was last maintained, and thus it it still a PPC binary, meaning if i run it on my brand new shiny Intel mac, i have to let Rosetta run, which is memory hungry and gobbles up precious CPU time!

Luckily, the developer also provided the source code to the application. So the solution was obvious: i needed to recompile this application as a Universal Binary, which means it will run natively on both PPC and Intel mac’s.

This didn’t end up being very hard, i.e.:

  • Download and unpack the source code
  • Open the project file in XCode (converting it to the new format)
  • Replace the ssh executable in the resources with the version from /usr/bin
  • Set the configuration to “Deployment” and build
  • Run it and hope it works

Thankfully for me, it built properly (with the exception of a few warnings, though they didn’t look too serious). So now i have a nice and shiny native version of the SSH Tunnel Manager on my mac.

In case anyone doesn’t want to go through the 5 step solution, or perhaps you don’t have XCode installed on your machine, here is a copy for you to download.

Viewing 2 Comments

    • ^
    • v
    Being paranoid and suspicious (it’s a prerequisite for teaching IT Security, sorry), I followed your recipe and compared the resulting app with the one you’re distributing…
    <pre>$ diff -burpN azazil/SSH* cuppadev/SSH*
    Binary files azazil/SSH Tunnel Manager.app/Contents/MacOS/SSH Tunnel Manager and cuppadev/SSH Tunnel Manager.app/Contents/MacOS/SSH Tunnel Manager differ
    $ ls -l azazil/SSH Tunnel Manager.app/Contents/MacOS/SSH Tunnel Manager
    56 -rwxr-xr-x 1 gary gary 57236 Jul 18 16:47 azazil/SSH Tunnel Manager.app/Contents/MacOS/SSH Tunnel Manager
    $ ls -l cuppadev/SSH Tunnel Manager.app/Contents/MacOS/SSH Tunnel Manager
    144 -rwxr-xr-x 1 gary gary 144132 Jul 18 11:49 cuppadev/SSH Tunnel Manager.app/Contents/MacOS/SSH Tunnel Manager
    </pre>

    Hmmm…. I wonder what all that extra code is? Are you uploading my private keys to an anonymous ftp server somewhere? ;) But then I realised that you hadn’t explained how to configure the build as a Universal binary, and that I have just a slim intel binary. Incidentally, when I build a Universal version, my binary is still more than 3000 bytes larger than yours. Probably a slight difference between our versions of XCode. ;)
    Cheers, Gary
    • ^
    • v
    Hi Gaz,

    Haha, i wondered if you would put your security hat on and investigate what secret code i inserted (thankfully none) :)

    The XCode version i used was v2.4.1. And yes, i did miss out the step of making the arch option "i386 ppc".

    With regards to security, i am surprised Apple haven't added some signing mechanism for applications, considering they are supposed to be security conscious. Actually, that sounds like a great idea for a third party app...

    BTW, the comments are "textile formatted":http://en.wikipedia.org/wiki/Textile. I shall try and fix your comment for you.
 

Trackbacks

(Trackback URL)

close Reblog this comment
Powered by Disqus · Learn more
blog comments powered by Disqus