- - - By CrazyStat - - -

13. June 2017

Putty: Automatically start an SSH tunnel without a window (headless)

Filed under: Windows — Tags: , , , , , , , — Christopher Kramer @ 21:23

You use Putty to tunnel some port through SSH to a foreign network but manually starting it again and again annoys you and the window gets in the way? Here is your solution. It requires admin rights and is tested on Windows 7 Professional only. Please let us know in the comments whether it works the same in your windows version.

  1. Set up your SSH tunnel in putty and save it as a session (e.g. with the name mytunnel). Make sure to use keys for authentication and that the key does not require a passphrase. Without a window there is no way to enter the passphrase of course ;-). If you worry about security, best restrict the rights of the user that you connect to as much as possible.
  2. Press WINDOWS + R and enter Taskschd.msc to start the Windows Task Scheduler. Accept the UAC prompt, if any.
  3. In the tree on the left, select the folder Task Scheduler Library.
  4. On the right, click Create task…
  5. Enter a name like SSH Tunnel.
  6. Choose Run whether user is logged on or not (this is important to make sure the window does not pop up).
  7. Click the checkbox Do not store the password. The process will only have access to local resources.
  8. Switch to the Triggers tab.
  9. Click the New… button
  10. Select a trigger that suits your needs. I chose Daily,  recur every 1 days, Repeat task every 30 minutes for the duration of 1 day and stop all running tasks at the end of repetition interval.  Click OK. This will restart the SSH tunnel every 30 minutes, so you might be left without connection for at most 30 minutes. You could add another trigger at startup or login if you need that.
  11. Switch to the Actions tab.
  12. Click the New… button.
  13. Choose Start a program as action.
  14. Use the Browse button to find plink.exe, which belongs to putty, you can download it here.
  15. Next to Add arguments, enter the name of your putty session (e.g. mytunnel).
  16. Click OK.
  17. You can adjust more settings like in the Conditions tab, unselect Start the task only if the computer is on AC power to make sure your tunnel also starts when your laptop is operating on battery, if necessary.
  18. Click OK.
  19. Right click your task and select Run to see if it works as expected. No window should come up but your ssh tunnel should be working.

Let me know if this saved your day and what you are using it for. I am using this to create an SSH tunnel for Sophos Endpoint Security and Control to fetch its updates from a server that is only accessible from an internal network.


Try my Open Source PHP visitor analytics script CrazyStat.

9. June 2017

Automatically run WP-CLI as the correct user

Filed under: Linux,Server Administration,Wordpress — Tags: , , , , , , — Christopher Kramer @ 19:04

You are root, your php runs with a different user for each site / customer e.g. using PHP-FPM. And these users don’t have a shell assigned. So how can you easily run wp-cli with the correct user to avoid permission denied-problems?

This is how: Define an alias for wp in your shell config, e.g ~/.bash_profile like this:

alias wp='sudo -u `stat -c '%U' .` -s -- php /usr/local/wp-cli.phar --path=`pwd` '

This will first run stat -c %U . to get the owner of the current folder. Then it will pass this to sudo to execute the command as this user. You might need to adjust the path to the phar-file.

Relogin so the alias takes effect and have fun! 🙂

Now when you are in the folder of some site and run wp-cli with the wp command, it will always automatically run with the user that is the owner of the wordpress-folder, which should be the user assigned to this site.

This is tested on a Debian Wheezy system. On FreeBSD, you would need to adjust it slightly:

alias wp='sudo -u `stat -f '%Su' .` -s -- php /usr/local/wp-cli.phar --path=`pwd` '

Let me know if this saved your day or you still have some problems.