shazhou/skills
8
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
skills/hermes/remote-assist/SKILL.md
星月 85e58ae239 refactor: split skills into hermes/ and cursor/ categories 
- Move all Hermes skills from skills/ to hermes/
- Add cursor/ for Cursor rules (.mdc)
- Add code-review.mdc (Gitea PR review with tea CLI)
- Update sync.sh to use new hermes/ path
- Update README with new structure
2026-04-22 19:41:29 +08:00

3.1 KiB
Raw Blame History

name, description, user-invocable
name description user-invocable
remote-assist Remote SSH assistance via Cloudflare Quick Tunnel. One-command workflow to establish temporary SSH access to a remote machine for troubleshooting. Usage: /remote-assist [tunnel-host] [--user username]. Without args, guides the remote user through bootstrap. With tunnel host, connects immediately. true

Remote Assist

Establish temporary SSH access to a remote machine via Cloudflare Quick Tunnel for troubleshooting.

Flow

Phase 1: Bootstrap (no args or just /remote-assist)

  1. Send the remote user the universal bootstrap command: 
    bash <(curl -fsSL https://raw.githubusercontent.com/shazhou-ww/oc-bootstrap/main/bootstrap.sh)
  2. Also send your SSH public key for them to add manually if the bootstrap script doesn't include it: 
    # Read from ~/.ssh/id_ed25519.pub or ~/.ssh/id_rsa.pub
  3. Wait for the user to reply with:
    • Tunnel hostname (e.g. abc-def-ghi.trycloudflare.com)
    • Username (e.g. azureuser)

Phase 2: Connect (/remote-assist <tunnel-host> --user <username>)

  1. Kill any existing cloudflared proxy on port 2222:

    pkill -f "cloudflared access tcp.*localhost:2222" 2>/dev/null || true

  2. Start local proxy (background):

    cloudflared access tcp --hostname <tunnel-host> --url localhost:2222 &

  3. Wait 3 seconds, then test SSH:

    ssh -p 2222 -o StrictHostKeyChecking=no -o ConnectTimeout=10 <user>@localhost "echo OK; hostname; uname -a"

  4. If SSH fails with Permission denied (publickey):

    • Ask the remote user to add your public key: 
      echo "<your-pubkey>" >> ~/.ssh/authorized_keys
    • Retry SSH after they confirm

  5. Once connected, report success and begin troubleshooting.

Phase 3: Troubleshoot

Common checks to run on the remote machine:

# OpenClaw status
~/.openclaw/bin/openclaw gateway status 2>&1
~/.openclaw/bin/openclaw status 2>&1

# Recent logs
tail -50 /tmp/openclaw/openclaw-$(date -u +%Y-%m-%d).log

# Service status
systemctl --user status openclaw-gateway
systemctl --user status copilot-api

# Model connectivity
curl -s http://127.0.0.1:4141/v1/models | head -5

Phase 4: Cleanup

After troubleshooting:

  • Kill the local cloudflared proxy: pkill -f "cloudflared access tcp.*localhost:2222"
  • Inform the remote user they can close their tunnel (Ctrl+C)
  • Note: SSH public key remains in their authorized_keys for future sessions

Prerequisites

  • cloudflared installed locally
  • SSH key pair (~/.ssh/id_ed25519 or ~/.ssh/id_rsa)

Bootstrap Script Repo

https://github.com/shazhou-ww/oc-bootstrap

Supported platforms:

  • macOS (Intel + Apple Silicon)
  • Ubuntu / Debian / WSL2
  • Universal router: auto-detects OS

Important

  • Always ask the remote user's OS before sending a specific script
  • Each machine should use its own credentials (GitHub, API keys) — never share keys across machines
  • Quick Tunnel URLs are temporary — they die when the process stops
  • The bootstrap script injects KUMA's public key by default; you may need to add your own key separately