SSH Connect to Mezz PC#3685
Open
sauravbanna wants to merge 23 commits intomasterfrom
Open
Conversation
…ts/Software into sauravbanna/mezzsh
…are into sauravbanna/mezzsh
Contributor
|
This is a really cool feature. If I am understanding correctly, we can now connect to the mezz pc even outside of Vancouver? |
Lmh-java
reviewed
May 10, 2026
| # 1. no other users (IRL or remote) are using the PC | ||
| # OR | ||
| # 2. the force flag is provided | ||
| if ([ ! -z "$LOCAL_USER" ] || [ ! -z "$REMOTE_USERS" ]) && [ "$FORCE_CONNECT" != "1" ]; then |
Contributor
There was a problem hiding this comment.
Suggested change
| if ([ ! -z "$LOCAL_USER" ] || [ ! -z "$REMOTE_USERS" ]) && [ "$FORCE_CONNECT" != "1" ]; then | |
| if ([ ! -z "$LOCAL_USER" ] || [ ! -z "$REMOTE_USERS_LIST" ]) && [ "$FORCE_CONNECT" != "1" ]; then |
| # we technically hae already have an active connection at this point | ||
| # just no shell is provided | ||
| # close the connection after 1 min | ||
| sleep 60 |
Contributor
There was a problem hiding this comment.
Why do we need to wait for 60s here.
Comment on lines
+47
to
+48
| # Trigger the visual warning dialog if someone is using the PC IRL | ||
| bash /home/thunderbots/Software/scripts/mezzsh/utils/connection_warn.sh & |
Contributor
There was a problem hiding this comment.
So when connection is successful, this script will still run even if there is no local user?
| echo "--- Registering New Remote User ---" | ||
|
|
||
| # Add to authorized_keys with a command restriction | ||
| ENTRY="$PUB_KEY |
|
|
||
| # This step uses a match block to modify these ssh settings for only 1 user | ||
| # Clean up any previous global ForceCommand we might have added | ||
| sed -i '/Match User $TARGET_USER/,/AcceptEnv SSH_CHECK_MODE FORCE_CONNECT/d' $SSHD_CONFIG |
Contributor
There was a problem hiding this comment.
Single quote wont expand variables, is this intended?
https://stackoverflow.com/questions/6697753/difference-between-single-and-double-quotes-in-bash
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adds ability to SSH into the Mezz PC.
Warns all new connections if anyone is using the PC remotely or in-person already. Allows users to force a connection. Shows a warning in-person when anyone connects.
Shows the names of all remotely connected users in the warning.
Uses Tailscale as a VPN to get around UBC blocking incoming connections.
Usage
On the client side:
bash mezzsh_keygen.shto generate a private-public key pair.To connect:
bash mezzsh_connect.shOn the Mezz PC side:
mezzsh_setup.sh: sets up the ssh server, dependencies, etc.mezzsh_server.sh: The script that handles incoming ssh connectionsThe public key will have to be added to the Mezz PC's authorized keys, using the
mezzsh_keystore.shscriptPictures
In-person user warning to the remote user
Other remote users warning to the remote user
Dialog warning to the in-person user on the Mezz PC
Testing Done
Tested the different scenarios manually:
Resolved Issues
Length Justification and Key Files to Review
Review Checklist
It is the reviewers responsibility to also make sure every item here has been covered
.hfile) should have a javadoc style comment at the start of them. For examples, see the functions defined inthunderbots/software/geom. Similarly, all classes should have an associated Javadoc comment explaining the purpose of the class.TODO(or similar) statements should either be completed or associated with a github issue