Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a need for a software package or tool that is WEB-based, perferrable written in php that I can access as a web-page via apache to remote access other linux servers using ssh from a Linux RedHat server.
It would performing something like this:
1. start web page would have windows for Sever-name, User-name, and password options.
2. It would logging me in remotely to the server and open a Unix Terminal in a Web page format. Then I could enter unix commands on the remote server.
I have searched around a number of download, linux sites, and general google searching and haven't found what I'm looking for yet. I thought I would check here to see if anybody knows of a tool like this. Open Source would be great.
I've seen a Java applet for this - Webmin used to include it. On the whole though, this honestly doesn't sound like a good idea, as it essentially breaks the SSH security model. I would suggest looking at running PuTTY from a pen drive if you spend a lot of time on Windows.
What I would need it to do though is to connect to use a web interface over port 80 to the server which then creates the connection. This gets you ssh access when your caught behind a firewall/proxy that blocks port 22.
The java one you mention somehow uses port 22 right from your computer running it, so doesn't meet my needs on this.
But I'm looking for something that runs on a Linux Red Hat server which be a Network Management System.
I think I understand. I'm currently looking at "screen", which seems to allow you to maintain many sessions from one server. The idea being to SSH to one server and access multiple screen-managed sessions from there. So the whole connection is covered by SSH. The sessions can persist, and (according to the man page), can be shared by multiple users. That might be a solution for you.
Moving from SSH to HTTP, or even a standard HTTPS setup, is a major reduction in the security of your admin connections, so is best avoided if you can, IMHO. SSH with key-based authentication really is better than pretty much any other widely-used method.
@DaveQB: I think that you can run SSH services on multiple ports if 22 isn't available to you. Having said that, I'd put my security hat back on and point out that corporate firewalls may sometimes be enforcing a particular organizational policy (as opposed to the admins just being clueless or awkward).
I think I understand. I'm currently looking at "screen", which seems to allow you to maintain many sessions from one server. The idea being to SSH to one server and access multiple screen-managed sessions from there. So the whole connection is covered by SSH. The sessions can persist, and (according to the man page), can be shared by multiple users. That might be a solution for you.
Moving from SSH to HTTP, or even a standard HTTPS setup, is a major reduction in the security of your admin connections, so is best avoided if you can, IMHO. SSH with key-based authentication really is better than pretty much any other widely-used method.
Screen is one of the best application out there! I use it all the time. (have several week IRC logins )
I dont see how screen with help OP though.
Quote:
Originally Posted by hob
@DaveQB: I think that you can run SSH services on multiple ports if 22 isn't available to you. Having said that, I'd put my security hat back on and point out that corporate firewalls may sometimes be enforcing a particular organizational policy (as opposed to the admins just being clueless or awkward).
Of course I can, and I do run SSH on 443 to get out from here at work. But if 443 is not available, I am screwed. I am just looking for a Web interface using port 80 (always open) that allows ssh to any host on any port (using my home servers connection)
DaveQB, the way I would work with that is some port redirection with your home router/firewall. Even the cheap $50 linksys home routers can do this. I'd run ssh on your server at home with normal port 22. I would redirect public port 80 on your WAN connection to 22 at your local IP internally. Yes that blocks you from directly accessing your router from the outside world, but from a security perspective, that is better in any case. There is also a built in way around that.
You forward 80 to 22, so from work you run ssh with the option -p 80, so it will go to your public router address, and get redirected inside your linux box at home. From there you can connect to anything in the world, as you have control over the network. Also, with some selective X forwarding options, you can use firefox/mozilla over the ssh connection, so you can still reach your router at its LAN address if you need to for some reason. You'd basically go through the router to your box, then turn around and look at the router internally, at its 192.168 or whatever local address you use.
In regards to the OP, I find the whole idea of SSH through a web interface a security disaster in the making. I'm not surprised you are having trouble finding an app to do that, as it seems that defeats much of the security built into ssh. How would you authenticate users? Would everybody have access to the same machines, or would it be selective based on login credentials? That sounds like a windows solution to me, sorry.
Do you have a link to where I can download "screen" Did a google search and found the world
Thanks...
Quote:
Originally Posted by hob
I think I understand. I'm currently looking at "screen", which seems to allow you to maintain many sessions from one server. The idea being to SSH to one server and access multiple screen-managed sessions from there. So the whole connection is covered by SSH. The sessions can persist, and (according to the man page), can be shared by multiple users. That might be a solution for you.
Moving from SSH to HTTP, or even a standard HTTPS setup, is a major reduction in the security of your admin connections, so is best avoided if you can, IMHO. SSH with key-based authentication really is better than pretty much any other widely-used method.
@DaveQB: I think that you can run SSH services on multiple ports if 22 isn't available to you. Having said that, I'd put my security hat back on and point out that corporate firewalls may sometimes be enforcing a particular organizational policy (as opposed to the admins just being clueless or awkward).
Your distribution will have packages, so you can install it the usual way. Screen isn't Web based - as noted that would be a bad idea, because you would be connecting from your local desktop to the server over HTTP or HTTPS.
Google will turn up more, but I happen to have that link to hand.
Very short version: run the SSH client on your local desktop to connect to one server, use screen on that server to maintain multiple sessions with SSH connections to other servers. I think that you will need to enable agent forwarding on the client for your keys to be used for all connections.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.