Would like key shortcut that opens a terminal window, logs in with ssh to a site, does sudo su, and changes directory

Well, my title says it all.

I connect to various servers all the time. What I do is

ssh somedomain.com

Then after I'm logged in I do

sudo su

which required me entering my password. After that comes back I

cd to-some-directory

where I do some monitoring and other stuff.

I wonder if Keyboard Maestro can help me save time with any of these steps?



It could do almost all of it for you, depending on how secure you want to keep your passwords. You basically just need to build a macro that looks like this:

  1. Activate Terminal
  2. Insert Text by Pasting (or Insert Text by Typing) for each command you want to run

The trickiest bit will be figuring out how to wait for the ssh command to complete before proceeding with the next steps in the script, as that time can be variable. But other than that, your macro would just be a series of text insertions into Terminal.


Our macros aren't stored anywhere except in our own Mac backups, right? I'm not really worried so much about the password in this case. But I don't know how to deal with "wait for the prompt before continuing" and things like that.

Probably the easiest way to do it is to just see how long it normally takes to connect to your hosts, and then put a Pause action in after your ssh command. There are probably fancier ways of doing it, i.e. run a hostname command after the ssh command, save the output to a variable, and make sure it's the name of the machine you're connecting to ... but as these are servers you regularly access, a simple Pause is probably fine.

A basic structure might look something like this:

Honestly, I wouldn't store my password in the macro; I'd just have the macro pause and let me type it in, using a Prompt for User Input, something like this:

Note that there's a Return at the end of each of the Insert Text actions, otherwise the text will just be inserted, leaving you at the end of the line.

Hopefully this is enough to get you started.



I have a macro that does a lot of this.

It is basically just

If the Terminal is already running (which mine basically always is), then no Pause should be necessary (I use Command-T for new Tab, but even in my tests of Command-N, no Pause was necessary).

The Insert Text action can be:

ssh somedomain.com
sudo su

No pause is needed between these either, as the typed stuff figures out where to go.

Then you will need to type your password in. You could have Keyboard Maestro do it, but I really would not recommend that.

You can then trigger another macro to do the cd to-some-directory.

I generally have a palette showing in Terminal, and it has various things in it, such as cd’s to frequently used locations that are not easy to type.

1 Like

My terminals are usually running too. But sometimes overnight they get disconnected. If that is the case I don't need a keyboard shortcut just to connect. I can just do a "!!" to run the last command - which was to connect to that server. Or at least find it in the history.

I suppose it's possible in the Ubuntu shell to also have just "sudo su" executed automatically upon login. So I might be able to get up through the "sudo su" step with just the !!.

In my case, one very common scenarios is to check 5 servers at once - they are all in a cluster: node1.somedomain.com, node2.somedomain.com, etc. And of course all the windows might have gotten closed for some reason.

Anyway, still looking over the suggestions here.


I was thinking this was maybe halfway between full security, like in a password manager, and having the password legible in a script on the shell. But your point is well taken.

It's just that I need to do this for like 5 shells in a cluster at the same time, so I was wondering if there was a one-stroke solution.

And later for an upgrade it would be great if KM had a way of reading the shell responses so, for example, it would know which server it was at by looking at the hostname in the shell prompts!


Because you want to work interactively, I don't think there's any way for KM to directly read the shell responses. But you can use Execute Shell Script commands to send commands directly to the shell and have them executed, instead of using inserted text strings. And with executed shell commands, you can get results back from sessions. So if you connected via ssh and then ran a hostname command in an Execute Shell Script action, you could save the result as a variable, then take action.

Without knowing more specifically what you're trying to do, it's very difficult to design even the framework for a macro that would help you out. I tried to create a basic building block you could work off of, but I don't even know if that's right, as I really don't know exactly what you're trying to accomplish.


That sounds interesting. I need to go through the tutorials more. KM looks very interesting. I'm really, at this point, trying to find some practical use for it other than just fixing the broken Apple Send CMD+return shortcut (which works with KM) to justify purchasing it. :slight_smile:

In this case I'm just trying to save some time. For example, there is one site with 5 nodes and I want to do morning checks (and sometimes go to later in the day).

Since my Mac restarted yesterday (cause unknown) the Terminal windows were still all there but they were disconnected.

So one-by-one I did:

!! (to redo the ssh connection)
sudo su (including entering the password)
cd /somedir/some-sub-dir

And there I could check logs and make sure things are ok.

I guess I was trying to save a little bit of time with just this part:

sudo su (including entering the password)
cd /somedir/some-sub-dir

Especially since some-sub-dir is different, depending on the server's IP address.

I will definitely check out Execute Shell Script commands. Thanks for pointing me to that.

Hello Doug (@douglerner):wave:

Just a little tip for you - I recommend you to checkout the linked CLI Tools for SSH based Workflows …

Greetings from Germany


I am sure you already have this in place, but if not, the best timesaver would be to implement SSH-keys so you don't need to enter a password to access the remote server. Also, SSH-keys correctly implemented gives better security than regular SSH passwords.

I am no KM wizard so I cannot help with the rest (but promise not to store the sudo pw in a KM macro :-))

1 Like

Yes, accessing the remote server itself doesn't require typing in a password. It's just

  1. Going to multiple servers in separate terminal windows at the same time.
  2. Doing a sudo su at each server.
  3. Changing to the needed directory at each server.

That I was hoping to save some time with.

Just out of curiosity - what's the big deal about storing the sudo pw in a KM macro. The macros are just on my Mac (and in my backups), right?

Thanks. I will take a look.

They are, but if anyone gained any sort of access to your Mac (remote or direct), they're stored in non-encrypted files that can be easily read. In the end, though, it's down to your own level of personal security—if you're comfortable with it, and comfortable with the possible consequences, then you should do what you're comfortable doing.


1 Like

As @griffman already wrote - an administrator with high privileges on corporate servers is a great target for hackers. Getting into your Mac may not be easy but an unpatched app or someone's compromised windows host on your home network may be a way to get into your host. Once there finding passwords in clear text is a great reward for a hacker

1 Like

You might want to check out expect (looks to be installed at /usr/bin/expect on my Mac). It has the ability to wait for text strings and such. This could be called by your KM macro.

Technically, you can read the output of the Terminal using the AppleScript:

tell application "Terminal"
	history of tab 1 of window 1
end tell

So it would be possible for example, to send a command, and then read the contents to get the results.


1 Like