Thursday, July 14, 2011
Thursday, December 16, 2010
I've turned off history.shellsink.com. It makes sense since all the source code is in launchpad, and since hosting your own private shellsink on appengine is free. Anyone still using shellsink can migrate to their own private shellsink server. And now I can stop paying for the domain name and storing people's shell commands on my appengine account. Thanks to everyone who contributed to the project.
at 11:20 PM
Thursday, December 9, 2010
What is it?Shell Sink is a web accessible version of your bash history. Commands issued in bash are sent to shell_sink by a simple open source client application. Once a command is in shell_sink you can search, annotate and tag it.
Who should use it?shell_sink is for anyone with a unix system. Linux, BSD, OSX, Solaris, Playskool. It should be noted that shell_sink is currently under active development.
- Login to shell_sink with your google account.
- Copy your unique id from the Preferences page.
- Install the client application.
Questions, Issues:The shell_sink google group is the place for questions and discussion. The bug tracker is where to put your feature requests and issues pertaining to the shell_sink website. The client is open source software. Source code can be found here.
Sunday, November 28, 2010
Installing the sink client should be a snap. There are only 2 steps:
- Install the shellsink-client application
- Configure a couple environment variables
Debian Based Distributions
If you have a Debian based distribution you can install shellsink-client by adding the shellsink repository to your apt sources. Go to this page for instructions and follow the instructions under the link that says "Technical details about this PPA." Once you have added the shellsink repository you can update your package lists and install the client with
sudo apt-get updateFinally, you must append this file to your ~/.bashrc to enable the client. Be sure to replace the default tags with your own meaningful tags and most importantly set the default id to whatever you see here.
sudo apt-get install shellsink
Other Types of Unix
For other flavors of unix you can download the shellsink-client executable here and put it in your path. Once the client is installed you must set a few environment variables. Append the contents of this file to your .bashrc or .bash_profile. If you use zsh see this how-to. Be sure to change the id variable to be the one that was assigned to you by the shellsink server on the preferences page. Also change the tags. I always start with the name of the host machine as my base tag so I know which computer logged which command.
Finally, just close your terminal and reopen it. Type a command and go see if it has been logged to the shell_sink server.
Monday, September 28, 2009
Release 0.2.2 adds a new feature. You can add tags to a command at the same time as you execute it. This is achieved by using inline comments. Here is an example:
cat /proc/cpuinfo #sysadmin:diagnosticThat command will show up in your shellsink history with the tags sysadmin and diagnostic. This nifty idea was given to me by Jesse Hallett at my shellsink presentation at the open source bridge conference in portland this summer. Thanks Jesse.
Saturday, May 2, 2009
When I tell people about ShellSink, many of them say, "hey, that's a great idea!" Then the little sysadmin perched on their shoulder crosses her arms and shakes her head. "Tsk, tsk. Storing your shell history on a remote server is not secure!", she says. This is absolutely true. Not only is your bash history passed via an insecure Http connection, but then it is stored unencrypted on Google's servers where a rogue Google employee, someone who hacked Google, or a rogue ShellSink admin could access them. Don't use shellsink on a system that needs to be ultimately secure!
However, Shellsink is safe to use. If you use Google for email, calendar, documents, etc. then you already trust them with information that is probably more sensitive than your shell history. And if you don't trust me you can download the ShellSink source code and spin up your own server using Google's AppEngine. In any case you should still take some basic precautions. Most importantly, never use inline passwords!! ShellSink will send anything your bash history captures.
Here are several ways to safeguard yourself against sending sensitive information to ShellSink. One technique is to add the following to your .bashrc:
HISTCONTROL=ignorespace;Now any command you precede with a space will NOT be captured by the history, and thus will not be sent to the ShellSink server. Another technique is to add the following to your .bashrc:
HISTIGNORE="netstat*:sqlplus*"In this example any command that starts with netstat or sqlplus will automatically be ignored by the shell history and ShellSink. Both these techniques give you different granularity control over what gets sent to ShellSink. The first technique works on a per command basis and the second covers all commands.
Finally, there is the nuclear option:
shellsink-client -dThis completely disables ShellSink for all terminals. I don't really have much use for this one, but when you start to do something that you are ultra paranoid about, this is one way to be sure nothing is leaving your computer via ShellSink. To re-enable ShellSink simply do this:
I'm going to be in Portland for the Open Source Bridge Conference (OSB) to talk about ShellSink. The abstract I submitted is overly ambitious as I promised to cover shellsink usage, implementation as well as distribution via Launchpad. I've decided to stick to usage and implementation of shellsink as I am giving a presentation entirely dedicated to distributing software via launchpad at OSCON this year. Of course, OSB has the totally awesome 24hour hacker lounge as well as an entire day dedicated to uncoference antics and open space shennanigans, so if anyone feels shortchanged I'd be happy to spend some time talking about launchpad (or whatever) in any of those situations. Please drop a line if you are going to be at OSCON or OSB this year.