Shellinabox
I was searching around for an SSH client that can be used across standard web ports. I found several options including AjaxTerm and AnyTerm, but I liked the responsiveness of Shellinabox best. It comes with standard 128-bit encryption. Using proxies, you can get Apache to forward a request to shellinabox and serve up web terminals with ease. Shellinabox is available here with private repositories here.
Setup was striaght-forward. You can grab a precompiled binary release from the repository and simply install it. On debian or Unbuntu systems that would be:
|
1 |
dpkg -i <name_of_release>.deb |
By default, it runs a secure server on port 4200. Both those options can be changed in the config file located in /etc/init.d/shellinabox. Change these values if desired:
|
1 2 3 4 5 |
SHELLINABOX_DATADIR="${SHELLINABOX_DATADIR:-/var/lib/shellinabox}"
SHELLINABOX_PORT="${SHELLINABOX_PORT:-4200}"
SHELLINABOX_USER="${SHELLINABOX_USER:-shellinabox}"
SHELLINABOX_GROUP="${SHELLINABOX_GROUP:-shellinabox}"
SHELLINABOX_ARGS="--localhost-only --disable-ssl" |
Note: I have SSL disabled here in this config.
In order to have Apache push requests along, we can use ProxyPass. To setup the Apache end of things, we need a few additional modules. Fortunately on Ubuntu-based servers, you don’t need to recompile everything:
Install Apache Proxy if needed:
|
1 |
# sudo a2enmod mod_proxy |
This should install proxy_http and proxy.
Add these to an Apache configuration:
|
1 2 3 4 5 6 7 8 9 10 |
ProxyRequests Off
<Proxy>
Order deny,allow
Allow from all
</Proxy>
<Location /shell/>
ProxyPass http://localhost:4200/
ProxyPassReverse http://localhost:4200/
</Location> |
And restart things:
|
1 2 |
# sudo /etc/init.d/shellinabox restart
# sudo /etc/init.d/apache2 restart |
Again, for this setup, I turned off Apache’s SSL as the server was not configured with it. I don’t recommend running shellinabox completely unsecured, but it still makes for a great web-based tool.
