iTerm2 Shell Integration (iterm2.com)
345 points by rayshan on July 13, 2015 | hide | past | favorite | 98 comments



I'm here to answer questions anyone has about this. It's a newish feature so feedback is welcome, and bug reports are greatly appreciated.

Also, credit goes to FinalTerm for the inspiration. RIP.


I'm using a German keyboard and the shortcut cmd-; is inaccessible because ';' is shift-,

I couldn't find a way to customise the shortcut in options. Sorry if I was too stupid to find it.

Great work otherwise.


Good to know. You can customize shortcuts by going to prefs>keys. Click the + to add a new key mapping. Press the shortcut you want. For Action choose "Select Menu Item…" and then find the item you're looking for in the popup menu that appears (Edit>Open Autocomplete…, in your case).


Same here in Norway (and all of Scandinavia).


Lots of stuff seems broken by default if you are on an exotic layout. I am on a Macbook with a Danish layout, and ALT+ARROW_LEFT/ARROW_RIGHT doesn't work out of the box in iterm2, however it seems to work if you rebind, or type this into .inputrc:

  "\e\e[D": backward-word
  "\e\e[C": forward-word

I'd love to switch to an American keyboard, because lots of Unix things seem impossible to type with my current keyboard, but maybe I am just being stupid.


I switched from a Norwegian keyboard to a UK keyboard with intl. English map on my MacBook. Default keyboard shortcuts suddenly made so much more sense - and I can code without having to use my nose when I run out of fingers for modifier keys. ()[]{}\|/:;' are all available using at most a single modifier (many of them without). Scandinavian characters are available using a single modifier for when I don't code, ex alt-a for å. Definitive productivity boost for me.


On the one hand, I appreciate that English is as pervasive as it is in software engineering, being an American... on the flip side, it's a bit disappointing how little effort is often made to make sites and applications less friendly to foreign inputs and layouts (including inputting names).


As an iterm2 and fish shell user I appreciate the work you guys are doing on bringing this to fish. Thank you! :)


+1


Thanks for your hard work and generosity.

How should we think about the security story when sshing from a more trusted to a less trusted host?


Great question!

When installing, especially on an untrusted host, follow the manual installation instructions. The menu item will just output a curl|bash command (currently; this will likely change in the future).

If the host is really untrusted you're screwed, of course. Bad guys could modify your ~/.iterm2_shell_integration.bash and you'd never know. But this script is not special in any way (except that it's kinda complex and is run automatically). Maybe hash it from time to time if you're really paranoid.

The scripts assume that various things in your path are safe to run. printf, hostname, sed, echo, etc. If those are compromised you're in a bad way, and I don't think shell integration exposes anything that ordinary use wouldn't.

If you've been compromised badly enough that an attacker can decrypt your ssh session, your current directory will be revealed at each prompt. But it probably is since most people have that in their $PS1 anyway. Also the host's idea of its fully-qualified domain name.

Probably the most risky aspect of shell integration is the secure copy feature. It's possible that there's a bug in my use of libssh2 or that there are unpatched vulnerabilities in an out-of-date build of iTerm2 (or an up-to-date version of iTerm2 with an out-of-date libssh2). I try to stay on top of changes to libssh2 but I am human and Sparkle (the auto-updater) is not flawless either.

That's all that comes to mind. I'm sure other folks on here can think of more interesting attacks or vulnerabilities.


Is there a risk of the untrusted host injecting things into the shell output without permission? It looks like there's no authentication, so if I SSH somewhere untrusted that can output raw characters to my shell (which, I believe, includes git pushing over SSH, etc.), it can output the right escape sequence and insert false things into my shell history. With further cleverness, it could almost certainly inject things that look like commands I would have run but actually run evil things.

I don't have a great solution to suggest for this. One option is to add some sort of per-user static password to the escape sequence, and insert it in the file that's copied to each (trusted) host, but that just seems questionable. A better one might be to make the communication use a socket instead of an escape sequence, and forward the socket (recent OpenSSH can forward UNIX domain sockets) to trusted hosts, but that's its own mess.

This is such a useful feature, though, especially with remote hosts. It'd be a pity if it can't be done securely. :/

(While we're on the subject of security, there's an obscure attack involving interrupting the download of a `curl | sh` script -- which a MITM can do, even over SSH -- and relying on the shell to execute a partial command line. I learned about this from the Sandstorm folks, who have a workaround in https://install.sandstorm.io/ involving the sh equivalent of an IIFE.)


Yeah, it's possible they could do that if you're on a shared machine with a world-writable tty, or if a program blindly outputs info from an evil server. There's a good chance you'd notice something hinky going on, and of course there's no guarantee you'd run a command in history. Also, when you double-click on a command in history, you still need to press enter to execute it, so you'd have a chance to review the evil command. And if you're using a terminal that doesn't swallow unrecognized sequences (like Gnome terminal) you'd see the guts of the escape sequence.

Your password idea would work. It would be nearly impossible to establish a shared secret, unfortunately. It's really hard to do any kind of authentication over a one-way channel, which you almost always have to assume is what you've got in the world of terminal emulation. Key management retains its title as the worst part of crypto. The socket thing doesn't work (at least as the default mode) because nobody knows how to forward sockets and 99% of users would choose to forego the feature over learning a new ssh flag and making it work everywhere. There are gnarly race conditions there, too. How do you correlate prompts with messages on the socket?

I'm open to suggestions, but I don't see a way to make it both convenient enough to be generally useful and bulletproof.

I do plan to nuke the curl|bash thing. It was a shortcut to ship faster and to make it easy to update scripts in the field quickly when bugs were found. I did imagine everyone on hacker news scowling at me when I wrote that code, FWIW.
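The injection concern in this exchange (an untrusted host emitting the escape sequences shell integration listens for) can at least be contained for output you receive non-interactively. The filter below is an added example, not iTerm2's code or anything posted in the thread: a POSIX sed pass that strips every OSC sequence (the ESC ] ... family that shell integration uses for marks, directory and hostname reports) while leaving ordinary colour sequences alone. The sample lines are constructed; the 133 and 7 OSC numbers in them are only illustrative payloads.

```shell
#!/bin/sh
# Added example (not part of iTerm2 or this thread): strip OSC escape
# sequences from untrusted output so it cannot forge shell-integration marks.
# Assumes POSIX sh, sed, grep and printf; all input below is constructed.
set -e

ESC=$(printf '\033')
BEL=$(printf '\007')

# Remove every OSC sequence (ESC ] ... terminated by BEL or by ST, i.e. ESC \)
# from stdin. Other sequences such as SGR colours (ESC [ ... m) are left alone.
# Works line by line, so a sequence split across lines is not caught.
strip_osc() {
  sed -e "s/${ESC}\][^${BEL}${ESC}]*${BEL}//g" \
      -e "s/${ESC}\][^${BEL}${ESC}]*${ESC}\\\\//g"
}

# Succeeds when stdin contains no OSC introducer at all.
is_clean() {
  ! grep -q "${ESC}]"
}

# Constructed sample: a forged BEL-terminated prompt mark, a real colour
# sequence that must survive, and an ST-terminated directory report.
sample_output() {
  printf 'cwd is /tmp\033]133;A\007 forged prompt mark\n'
  printf '\033[31mred\033[0m ok\033]7;file://host/tmp\033\\\n'
}

# Demonstration: filtered text keeps the colour codes and loses the OSCs.
sample_output | strip_osc | is_clean && echo "filtered output contains no OSC sequences"
```

Use it on a pipeline such as `ssh untrusted-host some-command | strip_osc`. It does nothing for an interactive session, where the terminal reads the bytes directly; that is the one-way channel the reply above describes, and why filtering is a mitigation for piped output only.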


> The socket thing doesn't work (at least as the default mode) because nobody knows how to forward sockets

I suspect that you can do this with SSH configuration (LocalForward ~/.something:~/.something), but I haven't tested it. It mostly depends on whether you're willing to configure this, but perhaps the installer can put that at the top of ~/.ssh/config, so it's global, with a comment saying "If you don't want this globally, delete it or put it after a `Host example.com` line". Even if you trusted all SSH hosts, this would protect you from the git-clone attack.

You could probably also abuse X11 forwarding for this, which has the advantage that trusted X11 forwarding is basically the right security boundary and is just `ssh -Y`, and the disadvantage that now you're relying on X11 (or worse, a custom X11-speaking proxy so you can avoid requiring the server or client) on both sides.

> There are gnarly race conditions there, too. How do you correlate prompts with messages on the socket?

Send a token or hash in-band, and send the actual command out-of-band. If you receive an unknown token, ignore it.

> I do plan to nuke the curl|bash thing. It was a shortcut to ship faster and to make it easy to update scripts in the field quickly when bugs were found. I did imagine everyone on hacker news scowling at me when I wrote that code, FWIW.

:-)

curl https:// | sh is IMO a perfectly reasonable way to install software (at least in a world where ./configure && make install is reasonable; I don't know any humans who can audit the output of GNU autoconf). It just has this one weird problem. I sort of dislike the stigmatization of it precisely because it's hard to talk about how to do it well.


This looks really cool. One question - if I'm tunneling through one server to the next (required for me to access production servers) does the file upload/download still work?


As long as it's reachable from your client. I answered elsewhere in this thread on how to upload and download if not.


I use ssh jump hosts a lot with ssh keys. I imagine the scp download only downloads directly? It seems to always ask for passwords.


It somehow breaks my virtualenv prompt...


Same here - it multilined it


Is iTerm keeping my history safe? Where is it saved, and how is it kept safe?


It's stored in ~/Library/Application Support. Whether that's safer than your shell's own history depends on your personal threat model. You can turn off "Prefs>General>Save copy/paste and command history to disk" to disable this if your mac is untrusted.


Do you think your regular bash history is safe? Relevant: https://xkcd.com/1200/


I don't. Which is why I'm hoping iTerm is different.


So you want your bash history safer than your private ssh keys? Like at userspace, there's very little point in protecting anything. Just lock your computer when you walk away from it.


I want my bash history encrypted so that it can't be read by anyone who might gain access to my machine.


Typo: "respsects"


Apologies for the really short comment, I was just pointing out you've got a typo on the page:

>iTerm2 respsects ssh_config files, but only a subset of the commands are understood:

Just trying to be constructive!


Congrats, team! iTerm2 (esp in fullscreen mode) is THE reason I could never go back to windows development.


+1

I used to use cygwin on windows with screen, it kinda works, just everything is so slow. Every time I create a new screen window I had to peek HN for latest posts. LoL


This looks great! I love iterm2 and have used it every day for years. My biggest problem is the configuration -- I just wish it had a plain text configuration file that I could keep under version control. I've experimented with using PListBuddy and a git diff driver to keep the plist under version control but it seems unwieldy and I haven't found that approach useful yet.

Also I don't really understand the difference between the main configuration interface (cmd-,) and the "Edit Session..." interface (right click on iterm2 menu). Possibly related, I have a custom command configured in Advanced -> Semantic History but it keeps reverting back to no command and I just don't understand why.

I would love not to have to use a graphical interface to configure it, I would like a plain text file instead. I think I'm being dumb and a couple hours consideration would lead me to understand any issues I'm having but the fact remains that after years of use its configuration is something I find really painful.


The popup on command completion is a neat feature actually which I've appreciated in gnome-terminal on Fedora 22, nicely integrated into the notification system.


Funny how we just finished a discussion about "why haven't you switched to Fish yet," and now this comes along with not-fully-baked Fish support. :)


Update: I just tested it and fish 2.2 works great out of the box.

I haven't had a chance to test it yet, but I believe fish 2.2 will allow the baking to finish. Fish cleverly parses the prompt to figure out how long it is (vs bash which requires you to wrap nonprinting sequences in \[ and \]). Unfortunately fish's support for OSC codes was incomplete. This was a problem because shell integration uses them to report the current directory, hostname, prompt location, etc., so fish would wrap at the wrong location. I submitted a patch a while back, but I can't very well ask people to run a hacked version of their shell. So until a few days ago it was half baked. Now it's like 90% baked :)


Cool, thanks for the update :)


I use iTerm2 a lot in the "visor" (pop up from the top) mode. I have my iTerm2 plist file edited so that it displays no bar icon and pops up even over the full screen apps. It would be really nice to have a feature where instead of a popup alert, the visor window would just slide out, to let me know that it's done.

But all in all, sounds like an awesome set of features, will have to try tonight. Thanks!

PS: On an unrelated note, if later on you could add native support for pop out window to appear in full screen apps, and maybe do a check, so that if you are in full screen app mode, it pops over with 0 y offset, but if it's in a normal screen, it pops up with offset to accommodate the menu bar, that would be awesome. But no rush :), thanks for all the awesome work!


Click to download or drop in to upload is really nice! I'm excited for this!

BTW if you're using iTerm, be aware that ⌘+clicking on a link will open the link in browser or ⌘+clicking a file in `ls` result will open the file with default app.


Even better, cmd clicking on a ./path/file:line string will open in your editor at that line. Perfect for backtraces.


I really like this, but am wondering if something like ZModem over SSH would make the file transfer stuff more convenient...I feel like some things have become more complicated since the BBS days.


You can do that too, but the download.sh script is much more straightforward: https://github.com/gnachman/iTerm2/blob/master/tests/downloa...


Standard ssh protocol supports this already, you can open a file transfer channel on an existing shell connection dynamically.


I'd love to use a terminal with similar features on linux


Terminator comes close, but to be honest, iTerm2 still beats it with its user friendliness and features.

It's really interesting how OS X is the one that has a terminal emulator with the most features out there.

iTerm2 now comes with 24-bit colors, command completion popup, notifications, triggers, profiles, mouseless copy, split panes, search, and you can even have inline images/gifs all out of the box with zero or minimal configuration required. That's just awesome.

All of these features and iTerm2 still feels much faster than Terminator to me.


> It's really interesting how OS X is the one that has a terminal emulator with the most features out there.

In my experience, the vast majority of web developers use OS X. Those of us doing server side and devops work spend a lot of time in the terminal


"It's really interesting how OS X is the one that has a terminal emulator with the most features out there."

Actually that will be Windows with ConEmu. You can even run GUI apps inside the terminal with it.


I found iterm2 to be my most-missed piece of software when switching to linux desktop. Terminator just doesn't compare with ease-of-use, look, and feel. Gnome terminal is nice but lacks some of the rich features.


When I still used Linux on the desktop, I just used urxvt.


Simply in case anyone is not already aware, there are some phenomenal add-on features for urxvt through the perl extensions: https://github.com/muennich/urxvt-perls/

Notably, keyboard-select allows you to cut/paste things into the X buffer from anywhere in the terminal scrollback using only keyboard shortcuts. url-select, conversely, allows you to cycle through any visible URLs and either open them in an external browser or copy them to the X buffer.


The script downloaded over HTTPS then downloads further scripts over HTTP. Watch out.


Fixed, good catch.


Does it work with mosh (https://mosh.mit.edu/)? Thanks.


Looks like mosh swallows OSC codes it doesn't know what to do with. I'll let them know.


Does this update speed up things as well by any chance?

I like iTerm2 a lot, but one day when I coincidentally started using the normal Terminal I noticed how fast it was/how slow iTerm2 was, which is the reason I stopped using iTerm2 and switched to TotalTerminal (a plugin for Terminal.app).


Yes! The incoming bytestream is now parsed into tokens in a separate thread. There are various other performance improvements as well, such as a fastpath for when no double-width characters are present.


Speaking of shell integration, I use this Automator app with "Open with" to open Finder files in a new tmux vim window http://pastebin.com/rxyB8c8k

I use a similar script/Automator app to "Open this directory in iterm" by dragging it into the Finder toolbar http://pastebin.com/1at3CXvP http://i.imgur.com/QGqQSOJ.png


Wow guys, this is great... I'd manually tried setting something up with PushBullet for a few long running commands, but just hitting a shortcut combo is much nicer...

brew installs and bundle installs and the like will be a joy now!


Is it possible to enable/disable features? Since installing, my prompt has been rather buggy, and there are some features I don't particularly care for, but others I really like. For example, my python virtualenv prompt gets broken into two lines, both with a mark, which causes line lengths to misbehave too sometimes. Alternatively, not to sound like a downer, but is there a way to uninstall shell integration? Thanks!


I'd love to see something like iTerm for Windows.


Not exactly an iTerm2 clone but pretty close conemu https://code.google.com/p/conemu-maximus5/


I love conemu, with a git-bash prompt it's about priceless. In case anyone is looking for something similar for Explorer, I've been using a program called Clover for a while.

Linking to the alternativeto page for it, since it's free, but closed source...

http://alternativeto.net/software/clover/?platform=windows


+1 for conemu. Its approach and direction seem to be different than iTerm2, but still a must have on Windows.


+1 for conemu/cmder plus git bash on windows. again, different than iterm2 but also a must have


FWIW, Microsoft have given the command prompt some love in Windows 10.

http://www.hanselman.com/blog/Windows10GetsAFreshCommandProm...


Check out babun. It even has a built-in package manager which sits on top of cygwin.


I didn't know about the Toolbelt, that's pretty useful. It'll be really awesome to have history + recent directories integrated


Great stuff, I've been using iTerm2 for a while and it's really good to see it evolve like this.

I use screen a lot (yes I know, I should switch to tmux one day!) and shell integration doesn't seem to work properly with sessions inside screen. Works perfectly if I ssh directly. Is it going to be supported eventually or is this the ultimate signal for me to switch to tmux?


By default, it is disabled in tmux. It works fine in iTerm2's tmux integration mode, but not in plain old tmux. I'm hopeful that this feature will prove popular and useful enough that I can get tmux to add support for it. To make it work in tmux integration mode just remove the check that $TERM == "screen" in $HOME/.iterm2_shell_integration.$SHELL.


Thanks for the tip. Unfortunately, right clicking on a mark is not working in tmux integration mode.


I just love iTerm2, but I feel it's slow and unresponsive at times (Garbage Collection?) compared to Apple's Terminal. I still keep using iTerm2 because of its features. If there is any way I can profile these slowness and submit a bug report to have it fixed, please let me know!


I assume you're using 2.9.x here. Try turning off prefs>advanced>avoid repainting the screen when the cursor is hidden. Let me know if that makes a difference.


I like the idea of these features, but the "run this random shellscript from the internet" part really bugs me. Could / will you integrate it another way when it comes out of the nightly releases?


Totally reasonable thing to ask, but if you'd scrolled down a few more pixels you'd have had your answer. Directly underneath:

    The easiest way to install shell integration is to select the iTerm2>Install Shell Integration menu item. It will download and run a shell script as described below.
...you'll see:

    "Don't care for piping curl to bash? Do it by hand. First, download the right script for your shell...."


At least it's being served over HTTPS :-)


It is until you look at the script it downloads, which downloads further scripts over HTTP.


I'm concerned about the wget to an external server part. This file should be local to prevent excessive slowness and potential security issues.

Also, is there a zsh version of this file? zsh is extremely popular on osx.


The linked page explains how to install by hand. I'd like to eliminate the curl|bash. It's tricky to deploy a shell script in a terminal emulator, so it hasn't been done yet. The ability to fix bugs without making users upgrade their client has been invaluable during early beta.


Would it be possible for iTerm to "type" the whole thing in for me? It's already executing a curl, can it do the whole thing through the host?


That's the eventual plan. There are a million niggling details, so I didn't do it yet.


Well, if all I have to do is run the script, I can just import it into my git repo (by submoduling iterm2's git repo, if they have one; if they don't, they need one just for this script), and just call it normally (with a bit of if wrapper to not execute on non-iterm2 terms).


Yes, all you have to do is source the script at https://iterm2.com/misc/${SHELL}_startup.in from your ~/.login, ~/.zshrc, ~/.bash_profile, or ~/.config/fish/config.fish as appropriate. If there's ever a major change you'll get a notification when you log in and you'll need to update it, but that hasn't happened yet.


That works for me.


It would have been nice if the bash line contained a way to compare hashes to verify the script is untouched (store the hash file on a 3rd party server like s3), or pgp sign the script in some way.
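The earlier reply suggesting you hash the script from time to time, the comment about interrupted curl|sh downloads executing a partial command line, and this comment's hash comparison all point at the same two checks. What follows is an added example, not iTerm2's installer or anything from the thread: a pinned SHA-256 check before sourcing, and the "whole body inside a function, called on the last line" pattern that makes a truncated copy inert. The scripts are constructed on the fly in place of anything fetched over the network, and the pinned digest is computed locally only to show the comparison; in practice it would be published out of band, as the comment suggests.

```shell
#!/bin/sh
# Added example, not iTerm2's installer: pin a SHA-256 for a downloaded
# script and check it before sourcing, and wrap the script body in a
# function so a truncated download cannot run a partial command.
# Assumes POSIX sh plus sha256sum or shasum; scripts are constructed here.
set -e

sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1   # macOS
  fi
}

# 0 when the file matches the pinned digest, 1 otherwise.
verify_script() {
  [ "$(sha256_of "$1")" = "$2" ]
}

# Run a script file with sh and print only its stdout; a parse error in a
# truncated file is swallowed so the caller can see what did execute.
run_script() {
  sh "$1" 2>/dev/null || true
}

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Body lives in a function that is invoked only on the last line, so a
# cut-off copy defines nothing that sh will execute.
WRAPPED="$WORK/wrapped.sh"
printf '%s\n' 'install_main() {' '  echo "step one"' '  echo "step two"' '}' \
  'install_main "$@"' > "$WRAPPED"

# Same steps with no wrapper: each line runs as soon as it is parsed.
PLAIN="$WORK/plain.sh"
printf '%s\n' 'echo "step one"' 'echo "step two"' > "$PLAIN"

# Simulate the connection dropping mid-download by keeping the first bytes
# (40 bytes ends inside the second echo; 22 bytes ends inside an open quote).
WRAPPED_CUT="$WORK/wrapped-cut.sh"
PLAIN_CUT="$WORK/plain-cut.sh"
head -c 40 "$WRAPPED" > "$WRAPPED_CUT"
head -c 22 "$PLAIN"   > "$PLAIN_CUT"

# Stand-in for a digest obtained out of band (release page, separate host).
PINNED=$(sha256_of "$WRAPPED")

if verify_script "$WRAPPED" "$PINNED"; then
  echo "digest matches, safe to source"
fi
if ! verify_script "$WRAPPED_CUT" "$PINNED"; then
  echo "truncated copy rejected by digest check"
fi
echo "truncated wrapped script ran: '$(run_script "$WRAPPED_CUT")'"
echo "truncated plain script ran:   '$(run_script "$PLAIN_CUT")'"
```

The digest check catches both truncation and tampering but only if the pinned value travels by a different path than the script itself; the function wrapper costs nothing and protects even users who skip the check.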


Those are actually some really nice features that I could see myself using on a daily basis.

However i feel that it might somehow fuck up some things, as it is using some rather unconventional stuff.


I'd like to use Automatic Profile Switching to change the profile when I ssh to certain servers, but it doesn't do anything. What am I missing?


I should add that I use ssh_config. I tried the file download feature but I get an error, it tries to scp from MBP.local and doesn't seem to be aware of my ssh session at all.


right-click to scp is particularly neat.


Except that it doesn't shell out, so it ignores ProxyCommand...


What do you use ProxyCommand for? It seems hard to support, but I'd like to know more.


Everything in the Production zone in our corporate network is only available via jumphost. The kicker is that you need to support both "ProxyCommand args" enabling and "ProxyCommand None" for disabling.


I've used it in the past to ssh via bastion hosts and the like.


Yes. My config is something like this:

  # proxy n02 connections through bastion
  host n02.university.edu
  ProxyCommand ssh bastion.university.edu -W %h:%p 2> /dev/null

Almost all my remote shells require a similar setup.


Seems like this might be a common enough pattern that I could support it. I'll have a look.


You can also use ProxyCommand to perform filtering via sed / awk / some shell script on the hostname passed in. Examples: https://wiki.gentoo.org/wiki/SSH_jump_host

I have over 300 hosts defined in my .ssh/config file and it's indispensable to have all these options, especially when mixing in 2FA jump hosts into the mix.


I use ProxyCommand for tor hidden services, for connecting to IPv6 hosts (via a v4 connection to a host with v6 connectivity), for connecting to production past a bastion host, for triggering port knocking, all sorts of stuff.


I also use a smartcard with gpg-agent speaking the ssh-agent protocol. OpenSSH commandline supports it fine. What's the harm in shelling out?


I don't get to control the UI if I shell out. I want to prompt you for your password in a native window and display a native progress bar. I want to know exactly why it failed. I want to estimate the time remaining.


Things you don't get if you don't shell out:

- reusing ControlMaster bg connections

- smartcard auth

- agent support

- ssh_config support, including

- proxycommand

- Cipher selection

- KDF advances for on-disk key encryption

The list is long and expansive. You'd do better to submit a patch upstream for machine-readable progress output in OpenSSH's 'scp', and bundling that.


That's a fair point. We do support agents and much of ssh_config. I'll look into what it would take to patch scp when I get the chance.

For folks who have setups where iTerm2's scp implementation can't connect, you can always download files over an existing ssh connection with this script:

https://raw.githubusercontent.com/gnachman/iTerm2/master/tes...

Upload is a little trickier, but you can copy a file to the pasteboard (e.g., in Finder) and then paste it base64-encoded (Edit > Paste Special > Paste File Base64-Encoded) into base64 -D >> filename.


Thanks for this.



