snork.ca ... making kittens cry since 2001

Update: Is That Really PAC Manager? 2020-05-21


So, it has only been 12 days since I posted this and today the author sent me an email about it. I had made no attempt to contact him or announce my post in any way to anyone affilitated with the project. So if you are wondering if Ásbrú Connection Manager is actively maintained, I think you have your answer right there. Okay, it doesn't prove that development is active, but it does certainly speak to the author's dedication to the project.

I should add that one of the things mentioned in this email was:

... we strongly believe we are more than a "supposedly maintained fork" but a future proof replacement of a dead project that was able to survive thanks to an active community who believe in collaboration and open source development.

I do realize that Ásbrú "came from" PAC, that they do share some code, and that Ásbrú looks generally like PAC... but I should be clear. The most recent files from PAC Manager are almost a half decade old now, and in the world of encrypted tunnels, that is a long time. Ásbrú picks up where PAC left off and to be fair, is more than just a fork.

Is That Really PAC Manager? 2020-05-09


I usually have a few SSH sessions open to various servers which are usually tail'ing log files. I used to use PAC Manager for this, but it has not been updated in a long time and is a serious pain the arse to get working on newer distributions of Linux. I was pretty disappointed by this and it has even forced me off to Windows 7 in some cases with PuTTY as a [less desirable and non-tabbed] alternative. Today I was looking at packaging alternatives like snap and flat because I wondered if they might be a way to run an old application like PAC Manager on more up to date boxes. Turns out I don't think they're really very useful or good, but I did come across Ásbrú Connection Manager which is a supposedly maintained fork of good old PAC Manager.

asbru Ásbrú Connection Manager.

Their GitHub repo is here, and as you can see, on a Debian based system their install instructions are to pipe curl to bash. Most people are probably indifferent to the idea of piping curl to bash, some think it is terrible, and some think it is a great way for developers to provide one-liner installs. Frankly I think it just encourages people to run shit without thinking about what it might be. This is what makes sudo a bag of dicks too. Anyways, if you like piping curl to bash then you can easily install this updated PAC Manager without having to think about security... if you are not one of those people then maybe you'd be interested in a slightly more transparent way of looking at the install.

This is basically just a chopped down version of what the script is supposed to do, the difference being that you would supposedly be paying more attention to the individual steps than if you just told your machine to go run a remote script. I did this on a Debian Buster machine and it seems to have worked fine.

# apt-get update
# apt-get install apt-transport-https

# wget -O ~/asbru-cm.key https://packagecloud.io/asbru-cm/asbru-cm/gpgkey
# apt-key add ~/asbru-cm.key
# rm ~/asbru-cm.key

# nano /etc/apt/sources.list
=== Put these three lines in your sources.list ======================
# PAC Manager [asbru-cm]
deb https://packagecloud.io/asbru-cm/asbru-cm/debian/ buster main
deb-src https://packagecloud.io/asbru-cm/asbru-cm/debian/ buster main
=====================================================================
# apt-get update
# apt-get install asbru-cm --no-install-recommends

The first part installs the https transport method to your apt, which is required for the asbru repo. The second part adds their signing key. The last part adds the repository and installs the application. Some folks might be concrned that adding a key from wget is as dangerous as piping curl to bash, however it is nothing without the accompanying repository which you have to trust in order to get the application anyways. Alternatively you could simply compare the key to a known-trusted source if you like before adding it. Some might wonder why I included "--no-install-recommends" on the install command line and it is because I do not need keepass integration so I don't much need it to be installed. If you want keepass integration then obviously do not include that option.

If you are not running Debian Buster you would obviously have to use the appropriate terms when you add the repo lines to your sources.list. They have a list of supported OS's here even though they may have called Xenial "Xenian". So for example, if you wanted to install on Bionic Beaver then you would use this in your sources.list instead

# PAC Manager [asbru-cm]
deb https://packagecloud.io/asbru-cm/asbru-cm/ubuntu/ xenial main
deb-src https://packagecloud.io/asbru-cm/asbru-cm/ubuntu/ xenial main

How ya like them apples?

Made using Notepad++ & FastStone. Hosted on Devuan with nginx & php. Powered by North Korean mushrooms, without the help of javascript or cookies.