Skip to content

How to Install tmate slave on CentOS 6.6

Jump to bottom Edit New page
John Brooker edited this page Apr 23, 2015 · 10 revisions

###1- Install required packages for tmate and for compiling

Use group install for development tools. It will install all the following pakcages for you: autoconf automake binutils bison flex gcc gcc-c++ gettext libtool make patch pkgconfig redhat-rpm-config rpm-build rpm-sign

# yum groupinstall -y 'Development Tools'

Then install other required packages for tmate

# yum install -y git kernel-devel zlib-devel openssl-devel ncurses-devel cmake ruby libssh-devel wget

Check if libevent is installed and the version. We need libevent2

# rpm -qa | grep libevent
libevent-devel-1.4.13-4.el6.x86_64
libevent-doc-1.4.13-4.el6.noarch
libevent-headers-1.4.13-4.el6.noarch
libevent-1.4.13-4.el6.x86_64

If the version is older, remove it

yum remove -y libevent libevent-devel libevent-headers

Download libevent2

wget https://github.com/downloads/libevent/libevent/libevent-2.0.21-stable.tar.gz
tar xf libevent-2.0.21-stable.tar.gz
cd libevent-2.0.21-stable

Compile it and install

./configure && \
make && \
make install
cd ..

Create a symbolic link if you are on a 64-bit server

ln -s /usr/local/lib/libevent-2.0.so.5 /usr/lib64/libevent-2.0.so.5

###2- Installing tmate-slave

Install tmate-slave

git clone https://github.com/nviennot/tmate-slave.git
cd tmate-slave/
./autogen.sh && \
./configure && \
make && \
make install

Setup kernel capabilities so tmate-slave can be run by an uprivileged user:

setcap CAP_SETUID,CAP_SYS_ADMIN,CAP_SYS_CHROOT,CAP_SETGID=+ep /usr/local/bin/tmate-slave

###2- Configure tmate-slave

setup tmate-slave user

useradd tmate-slave

setup keys

./create_keys.sh 
install -d -m 0700 -o tmate-slave -g root keys/* /etc/tmate-slave/keys
mv keys/* /etc/tmate-slave/keys
sudo chown -R tmate-slave /etc/tmate-slave

Setup log files

touch /var/log/tmate-slave.{log,err}
chown tmate-slave /var/log/tmate-slave.{log,err}

Setup daemon

cat << 'EOF' > /etc/init.d/tmate-slave
#!/bin/sh
### BEGIN INIT INFO
# Provides:
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start daemon at boot time
# Description:       Enable service provided by daemon.
### END INIT INFO

dir="/etc/tmate-slave"
user="tmate-slave"
cmd="/usr/local/bin/tmate-slave"
port="8080"
args="-k /etc/tmate-slave/keys"

name=`basename $0`
pid_file="/var/run/$name.pid"
stdout_log="/var/log/$name.log"
stderr_log="/var/log/$name.err"

get_pid() {
    cat "$pid_file"
}

is_running() {
    [ -f "$pid_file" ] && ps `get_pid` > /dev/null 2>&1
}

case "$1" in
    start)
    if is_running; then
        echo "Already started"
    else
        echo "Starting $name"
        cd "$dir"
        su - "$user" -c "$cmd -p $port $args" >> "$stdout_log" 2>> "$stderr_log" &
        echo $! > "$pid_file"
        if ! is_running; then
            echo "Unable to start, see $stdout_log and $stderr_log"
            exit 1
        fi
    fi
    ;;
    stop)
    if is_running; then
        echo -n "Stopping $name.."
        kill `get_pid`
        for i in {1..10}
        do
            if ! is_running; then
                break
            fi

            echo -n "."
            sleep 1
        done
        echo

        if is_running; then
            echo "Not stopped; may still be shutting down or shutdown may have failed"
            exit 1
        else
            echo "Stopped"
            if [ -f "$pid_file" ]; then
                rm "$pid_file"
            fi
        fi
    else
        echo "Not running"
    fi
    ;;
    restart)
    $0 stop
    if is_running; then
        echo "Unable to stop, will not attempt to start"
        exit 1
    fi
    $0 start
    ;;
    status)
    if is_running; then
        echo "Running"
    else
        echo "Stopped"
        exit 1
    fi
    ;;
    *)
    echo "Usage: $0 {start|stop|restart|status}"
    exit 1
    ;;
esac

exit 0
EOF

chmod +x /etc/init.d/tmate-slave

###3- Starting tmate-slave

If SSH is running, select another port and start tmate

sudo service tmate-slave start

###4- Configuring the client to use your server

Create $HOME/.tmate.conf with the following

set -g tmate-server-host "[your server FQDN]"
set -g tmate-server-port [server port]
set -g tmate-server-dsa-fingerprint   "dsa fingerprint"
set -g tmate-server-rsa-fingerprint   "rsa fingerprint"
set -g tmate-server-ecdsa-fingerprint "ecdsa fingerprint"
#set -g tmate-identity ""              # Can be specified to use a different SSH key

tmate-slave make编译失败 tmate-ssh-server.c: In function ‘prepare_ssh’: tmate-ssh-server.c:349:29: error: ‘SSH_BIND_OPTIONS_IMPORT_KEY’ undeclared (first use in this functio n) ssh_bind_options_set(bind, SSH_BIND_OPTIONS_IMPORT_KEY, rsakey); ^ tmate-ssh-server.c:349:29: note: each undeclared identifier is reported only once for each function i t appears in

Add a custom sidebar
Clone this wiki locally