SSH to a server through a bastion host with a single command

With command-line SSH, it's easy, just do:

ssh -t <intermediate> ssh <destination>

With putty, the following batch file will do the trick (pass the destination host as the first argument):

SET DATFILE="%TEMP%\bastion.tmp"
echo ssh %1 > "%DATFILE%"
start putty -load "<putty session name>" <intermediate> -t -m "%DATFILE%"

Fix for communicating with Pageant from a cygwin process

As I mentioned previously, Pageant's security measures reject messages coming from cygwin processes (and their children). I submitted a patch that fixes this for charade. The trick is to copy the security descriptor from the Pageant process so they'll be an exact match. Any app should be able to use this same technique.

Sadly, the Putty folks have failed to incorporate the change into winpgntc.c.

How to fix horrible performance of Java apps in Remote Desktop

Raymond Chen has a great article about developer "taxes". One of the taxes is making sure your app works well in Remote Desktop. Java apps are notoriously bad about getting details like these right. IntelliJ and NetBeans (probably two of the top three IDEs) perform so horribly over Remote Desktop that they're basically unusable.

I tracked the problem down to a Java property that disables use of DirectDraw. A lot of Java apps seem to do this due to a poor implementation in earlier versions of java (*sigh*). Fortunately, there's an easy fix -- the property can be changed by adding this to the command line:

-J-Dsun.java2d.noddraw=false

Related articles

• Is it time to switch back to IntelliJ? (nofluffjuststuff.com)
• RubyMine Welcomes All NetBeans Users (java.sys-con.com)

KeyFix4000 now available on GitHub

The source code for KeyFix4000 has always been available, but it's now up on GitHub. Enjoy.

Using charade to proxy cygwin ssh-agent requests to pageant

See charade’s readme for some background. It’s really handy if you want to use pageant as the agent for the cygwin ssh client (in addition to putty). There are two problems I’ve encountered:

1. Pageant’s security measures reject the proxy request due to the two processes running with different SIDs.
2. The proxy agent isn’t seen by any processes launched from your outside your shell (since the environment variables only get set in ~/.bash_profile)

Issue #1 can be solved by running both pageant and putty with cygstart – see the issue page for more info.

Here’s my solution for issue #2. Instead of running keychain at the start of every login shell, just run it once at Windows startup, and set the environment variables system-wide using setx. Here’s my shell script that does that:

#!/usr/bin/sh
# Be sure to run this script in a login shell so that cygwin paths are properly
# set, otherwise the Windows version of hostname will run and mess things up

/usr/bin/keychain -q -Q

# The -csh script works perfectly since we can just substitute setx for setenv
alias setenv=setx
. ~/.keychain/`hostname`-csh

Update:
Since this is only running once at startup, keychain isn’t really needed. And to simplify a bit more, it can be done in a batch file:

REM Kill any existing instances first
killall charade
SET FN=%TEMP%\ssh-agent-init.bat
REM The -csh script works perfectly since we can just substitute setenv for setx
charade -c | sed 's/setenv/setx/' | sed 's/;$//' > %FN%
call %FN%
del %FN%

A solution for sharing Perforce workspaces using AltRoots

Perforce lets you share workspaces between Cygwin and Windows. The same technique can be used to share between Linux and Windows, when sharing the data via Samba – but there’s a pretty big catch.

If you run p4 sync in Linux from outside the AltRoot location, p4 will sync to a new directory with the name of the p4 Root. Say you accidentally run p4 sync from the /etc dir – you’ll end up with a directory like /etc/S:\workspace, and your real workspace directory will now be out of sync. (This isn’t a problem with p4 for cygwin, since cygwin can interpret Windows paths.)

Here’s a workaround:
1) Remove the base directory from the Root and AltRoot paths
2) Add the base directory to all paths in the workspace mapping
3) Add / as a second AltRoot
4) Create a symlink in / with the name of the base directory, pointing to the real location.

By using / as a second AltRoot, every linux directory will match, and the default root will never be used.

Update:
Here's a simpler workaround that instead just results in a an error message when running p4 outside of the workspace root.

1) Set P4CLIENT to something invalid like `XXXXX - Running from invalid root`
2) Set P4CONFIG to `.p4config`
3) Create a file called `.p4config` in your workspace root. Inside add the line `P4CLIENT=[Name]` substituting [Name] with your real client name

Synergy patch

Synergy has a nasty bug where if you switch screens with a hotkey, then switch again with the mouse, the hotkey modifier key gets stuck in the down state. I submitted a patch a few years ago, but it never got integrated since the project wasn't being maintained. Synergy has now been resurrected and merged with Synergy+, and the bug still exists. Here's the patch (which will need some tweaking for the new codebase).