shazhou/skills
8
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
skills/hermes/remote-assist/SKILL.md
星月 85e58ae239 refactor: split skills into hermes/ and cursor/ categories 
- Move all Hermes skills from skills/ to hermes/
- Add cursor/ for Cursor rules (.mdc)
- Add code-review.mdc (Gitea PR review with tea CLI)
- Update sync.sh to use new hermes/ path
- Update README with new structure
2026-04-22 19:41:29 +08:00

100 lines
3.1 KiB
Markdown
Raw Blame History

---
name: remote-assist
description: "Remote SSH assistance via Cloudflare Quick Tunnel. One-command workflow to establish temporary SSH access to a remote machine for troubleshooting. Usage: /remote-assist [tunnel-host] [--user username]. Without args, guides the remote user through bootstrap. With tunnel host, connects immediately."
user-invocable: true
---
# Remote Assist
Establish temporary SSH access to a remote machine via Cloudflare Quick Tunnel for troubleshooting.
## Flow
### Phase 1: Bootstrap (no args or just `/remote-assist`)
1. Send the remote user the universal bootstrap command:
```
bash <(curl -fsSL https://raw.githubusercontent.com/shazhou-ww/oc-bootstrap/main/bootstrap.sh)
```
2. Also send your SSH public key for them to add manually if the bootstrap script doesn't include it:
```bash
# Read from ~/.ssh/id_ed25519.pub or ~/.ssh/id_rsa.pub
```
3. Wait for the user to reply with:
- **Tunnel hostname** (e.g. `abc-def-ghi.trycloudflare.com`)
- **Username** (e.g. `azureuser`)
### Phase 2: Connect (`/remote-assist <tunnel-host> --user <username>`)
1. Kill any existing cloudflared proxy on port 2222:
```bash
pkill -f "cloudflared access tcp.*localhost:2222" 2>/dev/null || true
```
2. Start local proxy (background):
```bash
cloudflared access tcp --hostname <tunnel-host> --url localhost:2222 &
```
3. Wait 3 seconds, then test SSH:
```bash
ssh -p 2222 -o StrictHostKeyChecking=no -o ConnectTimeout=10 <user>@localhost "echo OK; hostname; uname -a"
```
4. If SSH fails with `Permission denied (publickey)`:
- Ask the remote user to add your public key:
```bash
echo "<your-pubkey>" >> ~/.ssh/authorized_keys
```
- Retry SSH after they confirm
5. Once connected, report success and begin troubleshooting.
### Phase 3: Troubleshoot
Common checks to run on the remote machine:
```bash
# OpenClaw status
~/.openclaw/bin/openclaw gateway status 2>&1
~/.openclaw/bin/openclaw status 2>&1
# Recent logs
tail -50 /tmp/openclaw/openclaw-$(date -u +%Y-%m-%d).log
# Service status
systemctl --user status openclaw-gateway
systemctl --user status copilot-api
# Model connectivity
curl -s http://127.0.0.1:4141/v1/models | head -5
```
### Phase 4: Cleanup
After troubleshooting:
- Kill the local cloudflared proxy: `pkill -f "cloudflared access tcp.*localhost:2222"`
- Inform the remote user they can close their tunnel (Ctrl+C)
- Note: SSH public key remains in their authorized_keys for future sessions
## Prerequisites
- `cloudflared` installed locally
- SSH key pair (`~/.ssh/id_ed25519` or `~/.ssh/id_rsa`)
## Bootstrap Script Repo
https://github.com/shazhou-ww/oc-bootstrap
Supported platforms:
- macOS (Intel + Apple Silicon)
- Ubuntu / Debian / WSL2
- Universal router: auto-detects OS
## Important
- **Always ask the remote user's OS** before sending a specific script
- Each machine should use its own credentials (GitHub, API keys) — never share keys across machines
- Quick Tunnel URLs are temporary — they die when the process stops
- The bootstrap script injects KUMA's public key by default; you may need to add your own key separately
Reference in New Issue View Git Blame Copy Permalink