Upgrade Notes ------------- Instructions for using jumppoint 0.4.0 -------------------------------- jumppoint is an X11 GUI tool for automating SSH sessions. It's current features are: - Command line or GUI - Encrypted password storage - Configurable interface - Customizable menus and extensibility through perl modules. - Floating toolbars - Automatically logs into remote servers - Automatically do file transfers via scp - Can execute a command of remote hosts before going interactive (e.g. to customize prompt, environment, etc.) - Supports your favorite XTerm (I know it works with gnome-terminal, rxvt, ETerm, and konsole) - Built in scripting support (via perl). Write scripts to do your remote administration for you :) Installing jumppoint -------------------- This program relies on several libraries, most of which are provided with it. The crypt++ lib and fltk are precompiled, so you may need to rebuild them for your system if you get errors. If you need to rebuild FLTK from source you will need to get a snapshot of FLTK2. You should find the FLTK sources used with the current jumppoint build on the homepage for jumppoint. The FLTK home page is http://fltk.org/ The external stuff you need to have is: - Expect (http://expect.nist.gov/) - Perl (http://www.perl.com/) Almost all distros come with Expect and installed. Some distros (SuSe and Debian at least) also come with FLTK. Perl should be on most systems already and if it's not you've got a lame system :) *IMPORTANT* Some distros (Debian) ship with a buggy version of expect that will not work with jumppoint. If you have libexpect5.31 you may need to either upgrade to the very latest version of expect (from http://expect.nist.gov/) or downgrade to expect 5.2*. 5.28 works fine so RedHat/Mandrake people are OK. I have been in contact with the Debian maintainer of Expect, it is unlikely that this will be fixed for the potato release, but the Expect and Tcl packages for woody work (though I had to do some tweaking with the lastest stuff). To build jumppoint, just do the standard configure routine: ./configure make make install (as root) And you're good to go. jumppoint installs to /usr/local/bin by default. If you don't have that in your path, add it or change the install target in the Makefile to point to someplace in your path. Running jumppoint ----------------- Once installed, fire up the program with the command 'jumppoint' and you'll get the main window. Everytime you start jumppoint you will be prompted for a password. This can be any thing you want, it's you personal password which jumppoint will use for encrypting and decrypting server passwords. Remember it or write it down somewhere because jumppoint won't keep it around between sessions. When the GUI is running you will see the main window which has a menubar, a tree browser for viewing your server list, a status browser, where jumppoint and some modules will display messages, and a command input textbox at the bottom of the window. You may enter any valid perl commands into the textbox and jumppoint will evaluate it. The server tree has a pop up menu that is accessed by clicking the right mouse button. From this menu you can edit your host settings and launch new ssh sessions. Avoid using the Preferences dialog from the main menu right now. Only the tab labelled 'Tools' is valid for anything, the other two are outdated and haven't been fixed for this release. Scripting --------- The jumppoint GUI has a runtime perl interpreter available to it. You can write scripts/modules in perl and use them within jumppoint and call them from the configurable menus. This functionality is brand new and as such is in need of documentation and refinement. My next step is to improve the UI as a whole and make more elements available for custom scripting. See the documentation and example configs in the doc/ directory for how to customize jumppoint. A HowTo will be available as soon as I get a chance to write it. Several example jumppoint scripts are provided in the scripts/ directory. Some of them are even useful :) The docs directory also contains documentation on all the functions jumppoint adds to perl. Bugs ---- These have moved to the BUGS file in this directory. Security -------- IMPORTANT! WARNING! DISCLAIMER! and so on. Encrypted passwords are not a sure fire security feature. Every time jumppoint is run, either from the GUI or the command line. It will prompt you for your passphrase, which is uses for encryption. When the GUI is run, it does keep this phrase stored in the config (encrypted) so that new sessions do not require prompting you a zillion times. It then removes it when the GUI exits. This is *NOT* a fullproof security feature by any stretch of the imagination. It's a deterrant, something to give you a little added safety should your account get cracked and to prevent people from running malicious jumppoint scripts should they gain access to your account. Speaking of scripts...do *not* run untrusted scripts, this should be a given with any type of scripting, however since jumppoint scripts could connect to your remote machines and do nasty things to them too it is doubly important. It is *vitally* important that you maintain sound security on any system which you use jumppoint on. If someone breaks into your user account and runs amok with all your stuff I don't want anyone emailing me to bitch that a dozen boxes of theirs got owned because they didn't keep the one box with jumppoint installed on it locked down. So, in summary, if you want to use jumppoint, and not throw security out the window, do one or more of the following: * Use a strong passphrase, as you should with any password. * Avoid logins as root on remote systems. * Scrutinize any scripts you intend to use with jumppoint. * Take the .jumppoint directory out of $HOME when not in use. * Keep your system security tight (which you should do anyway).