LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 03-30-2005, 09:02 PM   #1
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Rep: Reputation: 57
Web Based SSH Client?


So lets say hypothetically speaking that somebody is stuck behind a pretty tight firewall at work. This person has web access via a proxy server.

Now, are their any ssh applications that can reside on somebodys webserver and be accessed via the web? I'm expecting something in java since this seems like the best choice for an application like this.

The issue is that all the ssh connections must be done on the web server; not from the client machine.

Thanks in advance.

P.S. I noticed something called MindTerm. It requires xorg for some reason. Would this work?
 
Old 03-30-2005, 09:12 PM   #2
macemoneta
Senior Member
 
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
Blog Entries: 2

Rep: Reputation: 327Reputation: 327Reputation: 327Reputation: 327
Mindterm wont work, if I understand your situation. Mindterm is SSH written as a Java applet. That is, a Java program is transfered to your machine, and executes on your PC giving you an SSH client. At that point, it's just an SSH client running on your machine.

In order to use any SSH client, you need an open outgoing port (any port number will do). Does your company allow telnet or FTP? If so, you can setup an SSH server on port 23 or 21, respectively, and use any SSH client.

If all outgoing ports are blocked, and only web access via proxy is available, then you are not going to be able to use SSH. You wouldn't want an SSH that runs on an intermediate web site; that's automatically a "man in the middle" attack.
 
Old 03-30-2005, 09:23 PM   #3
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Original Poster
Rep: Reputation: 57
Not if it runs on my site. I want an ssh client that I can access via my web site to connect to my server. Everything has to be done on the server.
 
Old 03-30-2005, 09:52 PM   #4
macemoneta
Senior Member
 
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
Blog Entries: 2

Rep: Reputation: 327Reputation: 327Reputation: 327Reputation: 327
If you have complete control over the server, and properly protect the communications (via SSL), then take a look at SSHWebProxy, or CGI-Shell, for a more generic tool. Neither is perfect, but you can at least get stuff done.
 
Old 03-30-2005, 10:02 PM   #5
imemyself
Member
 
Registered: Feb 2004
Location: Wichita, KS
Distribution: CentOS 4, SuSE 10, Tiger
Posts: 110

Rep: Reputation: 15
Would webmin work? You might try webmin with most of the admin stuff removed accept for the shell access(I can't remember, it might have and SSH client). Just give the person an acct on your server with just access to SSH out.

I'm not sure how the shell access in webmin is done though, it might not work through the proxy.
 
Old 03-31-2005, 05:35 AM   #6
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Original Poster
Rep: Reputation: 57
SSHWebProxy looks promising. I'll give it a try after work today.

Thanks.
 
Old 04-15-2005, 01:32 PM   #7
FreeWolf
LQ Newbie
 
Registered: Apr 2005
Posts: 1

Rep: Reputation: 0
I have the same question! I want to connect to server using ssh via http. Crashed_Again, did you try SSHWebProxy?
 
Old 04-15-2005, 02:04 PM   #8
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Original Poster
Rep: Reputation: 57
Quote:
Originally posted by FreeWolf
I have the same question! I want to connect to server using ssh via http. Crashed_Again, did you try SSHWebProxy?
Nope...but I will this weekend. I need my ssh access.
 
Old 04-17-2005, 08:52 PM   #9
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Original Poster
Rep: Reputation: 57
Hmmm...I need to set up a "Servlet container" to use SSHWebProxy. I'm not sure how to do this so I'll look in to it.
 
Old 07-14-2005, 02:49 PM   #10
systemparadox
Member
 
Registered: Jul 2004
Location: Tavistock, Devon, England
Distribution: Slackware 9.1, Mandrake 9.0/9.1/10.0, LFS 6.0, Knoppix 3.1/3.3
Posts: 73

Rep: Reputation: 15
OK- I've been looking for and working on this for weeks now, and it's getting silly.

I don't usually give up easily, but this whole process is made so much more difficult and incredibly frustrating by a complete lack of any useful documentation or information, a total lack of google search results, and the fact that I have to set up other servers with other dependencies, and most of the things I need to install don't use make or any sensible build process.

Here's the situation:
I have a cheapo (166Mhz, 46Mb RAM) headless server in my cupboard, running Slackware 9.1 (kernel 2.4.22). It provides services to the internet (web, ftp, ssh, etc). My friend regularly connects to it via ssh using putty on a windows pc directly connected to the internet. This all works fine.

However, we also want to connect to it (and run shell commands) from school. This is a problem. The only way traffic gets out to the internet from the schools LAN is via a VERY restrictive proxy server, which only allows http and, if you are lucky, ftp downloads (somehow they have disabled uploads). If it can be restricted it probably has been, so there is no socks, no tunnels and no non-http traffic outbound.

Security is very important. The only way I have of authenticating users is using passwords which isn't really a security problem- i have very few users allowed to connect to ssh and all of them have strong passwords. Obviously, however, passwords must be encrypted. Actually- the whole connection must be encrypted- as I will probably entering sensitive information on the command line.

I tried putty, but it can't get through the proxy.

I tried mindterm, but unfortunately it's just a java ssh client which is downloaded and run on the local machine- so it can't get through the proxy either.

I had a look at the CGI-Shell, but that's not encrypted, so forget it, unless you can make it secure if run through https.
I tried SSHWebProxy- and regretted it. I HATE JAVA. I wish I had never bothered trying to set it up. I prefer to compile everything from source, but could I do that with this? Nope. It uses some stupid java build environment, which doesn't work properly. I ended up installing loads of binary packages- YUK! What a mess. I did actually manage to get apache tomcat running (in standalone mode only- I want it integrated with apache), and SSHWebProxy ran in the tomcat container. Then I added one step further to the configuration to get it ready to open up to the internet and SSHWebProxy stopped working. It also takes over a minute to start and stop the thing, which is unnacceptable. This was all done while fumbling around in the dark with very little documentation and no real idea what anything was. I also have no idea whether this would be encrypted or not.

Then my friend suggested Net::SSH::Perl (why do all perl modules have double colons in their name?). So I tried to get that to work. At least the perl build process was reasonably easy, but I had to download and compile loads of dependencies manually, because the automated download and installer didn't work. Right- installed Net::SSH:Perl. Now what? From the very short documentation for it:

Code:
Usage of Net::SSH::Perl is very simple.
Net::SSH::Perl->new($host, %params)
To set up a new connection, call the new method, which connects to $host and returns a Net::SSH::Perl object.
Now, I know absolutely no perl, and while I need to learn it, I have many other things which I need to get working before I do- especially this shell, as that will help with the other things. From the above I assume that this means that I need to write my own perl script to interface with it. I can't do that. I've looked at some of the examples, but to make things worse they don't work either!
I get:
500: Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

Then in the logs I get:
usage: Net::SSH::Perl->new($host) at /home/simon/www/systemparadox/cgi-bin/remoteinteract.pl line 49
[Thu Jul 14 19:45:29 2005] [error] [client 192.168.38.3] Premature end of script headers: /home/simon/www/systemparadox/cgi-bin/remoteinteract.pl

Surely someone has written an front end for this? Much frustrating google searching returns nothing. There is nothing on the Net::SSH::Perl pages about a front end.



Sorry about the probably inconsise and not overly helpful posting, but
1. I am so peeved (I'm currently having the same frustrating lack of documentation issue with trying to set up a mail server), and
2. I don't really know what I'm talking about- seriously not helped by the total lack of documentation.
Please let me know if there is any other info I should give you.

Thankyou so much for any help
Simon
 
Old 07-14-2005, 03:01 PM   #11
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
Does their proxy allow https? If so, you could try running your sshd on port 443 (https) and connecting to that with putty. Many (not all) proxy systems just pass https straight through (because of how public key cryptography works, it can't be effectively proxied, AFAIK)
 
Old 06-01-2008, 05:18 PM   #12
johnhunsley
LQ Newbie
 
Registered: Mar 2004
Location: uk
Distribution: mandrake 10
Posts: 6

Rep: Reputation: 0
Web based ssh client

Try This -


https://www.browsershell.com

unlimited web based ssh access to any server. 100% secure, uses SSL and they don't store any info about your server.

Very cheap - starts at $5 a month, first 5 days free!

Enjoy :-)

John.
 
Old 06-02-2008, 07:15 AM   #13
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,790
Blog Entries: 1

Rep: Reputation: 414Reputation: 414Reputation: 414Reputation: 414Reputation: 414
Um, you do realize that you just replied to a three year old thread, don't you?
 
Old 06-02-2008, 08:42 AM   #14
theYinYeti
Senior Member
 
Registered: Jul 2004
Location: France
Distribution: Arch Linux
Posts: 1,897

Rep: Reputation: 61
And so? The topic is still interesting, and this information is relevant, although I would never trust such a service.

Yves.
 
Old 06-02-2008, 12:42 PM   #15
johnhunsley
LQ Newbie
 
Registered: Mar 2004
Location: uk
Distribution: mandrake 10
Posts: 6

Rep: Reputation: 0
LOL, and now its a new thread again :-)

why wouldn't trust such a service? Its all secured through SSL and natively through SSH. So long as the web server in the middle don't store your details then its all secure.

Lets say your on a network and you can't get SSH access out on port 22, your web site has crashed and there's nothing you can do to get it back up, I'll bet you'd trust it then! ;-)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
web based ssh client? fuelinjection Linux - General 7 06-01-2008 05:16 PM
Web based SSH client ? brokenflea Slackware 1 03-02-2005 01:10 PM
web based SSH client (with a twist) frieza Linux - Software 3 12-20-2003 09:54 PM
Web Based SSH Client? Dewar Linux - Software 5 12-20-2003 12:12 PM
web-based vs. client-server? mikeshn Programming 1 06-12-2002 05:24 PM


All times are GMT -5. The time now is 03:39 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration