Being able to update and maintain our website anytime, anywhere is crucial. Mostly I use my dedicated internet connection to access my server, but sometimes I use a connection that sits behind a proxy/firewall. The bad news is that they block the SSH port. Sigh 🙁
So I need to give my server the ability to be reached over SSH via a browser. Shell In A Box (pronounced as shellinabox) can do that.
Install Shell In A Box
Since I use Ubuntu, run these commands:
sudo apt-get update
sudo apt-get install openssl shellinabox
Since shellinabox disables root login by default, you have to create a new user
adduser username
Enter a password, then press Enter each time you are prompted for more information, unless you want to fill it in.
Check if shellinabox is running
$ sudo systemctl status shellinabox
shellinabox.service - LSB: Shell In A Box Daemon
   Loaded: loaded (/etc/init.d/shellinabox; bad; vendor preset: enabled)
   Active: active (running) since Mon 2017-12-18 21:31:17 UTC; 19h ago
     Docs: man:systemd-sysv-generator(8)
  Process: 1232 ExecStart=/etc/init.d/shellinabox start (code=exited, status=0/SUCCESS)
    Tasks: 2
   Memory: 2.6M
      CPU: 884ms
   CGroup: /system.slice/shellinabox.service
           |-1318 /usr/bin/shellinaboxd -q --background=/var/run/shellinaboxd.pid -c /var/lib/shellinabox -p 6116 -u shellinabox -g shellinabox --use
           `-1319 /usr/bin/shellinaboxd -q --background=/var/run/shellinaboxd.pid -c /var/lib/shellinabox -p 6116 -u shellinabox -g shellinabox --use
Changing default shellinabox port
By default, shellinabox listens on TCP port 4200. For security reasons, you have to change the default port to another one. In this case, I will change it to port 7676.
sudo vim /etc/default/shellinabox
# Should shellinaboxd start automatically
SHELLINABOX_DAEMON_START=1

# TCP port that shellinboxd's webserver listens on
SHELLINABOX_PORT=7676

# Parameters that are managed by the system and usually should not need
# changing:
# SHELLINABOX_DATADIR=/var/lib/shellinabox
# SHELLINABOX_USER=shellinabox
# SHELLINABOX_GROUP=shellinabox

# Any optional arguments (e.g. extra service definitions). Make sure
# that that argument is quoted.
#
# Beeps are disabled because of reports of the VLC plugin crashing
# Firefox on Linux/x86_64.
SHELLINABOX_ARGS="--no-beep --disable-ssl --localhost-only"
Then restart the shellinabox service
sudo systemctl restart shellinabox
Verify shellinabox
Verify that shellinabox is listening on the port we defined earlier.
$ sudo netstat -nap | grep shellinabox
tcp 0 0 0.0.0.0:7676 0.0.0.0:* LISTEN 1318/shellinaboxd
unix 3 [ ] STREAM CONNECTED 16176 1318/shellinaboxd
unix 3 [ ] STREAM CONNECTED 16177 1319/shellinaboxd
unix 3 [ ] STREAM CONNECTED 15500 1318/shellinaboxd
Configure your firewall
Make sure your firewall allows the port
$ sudo ufw allow 7676
Now open up your browser and navigate to http://yousite.com:7676 (on another computer that can access ports other than 80 and 443).
Proxy Pass the port
This part is the key. You need to use reverse proxy.
Put this snippet in your server block config.
server {
    # other config
    location / {
        proxy_pass http://127.0.0.1:7676; # shellinabox port
    }
    # other config
}
I use a subdomain to reverse proxy shellinabox.
You should see a web terminal showing up (i.e. https://shellinabox.mysite.com). Log in using your username and password, and then you will see a shell prompt. Now you can do anything you usually do with any other SSH client.
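With --disable-ssl in SHELLINABOX_ARGS the daemon speaks plain HTTP, so it should be reachable only through the local reverse proxy. The check below is an added example, not part of the original post: it compares the defaults file with saved netstat -nap output and reports a listener on a non-loopback address. The function name audit_shellinabox, its messages and the sample input in demo are constructed for illustration.

```shell
#!/bin/sh
# audit_shellinabox DEFAULTS_FILE NETSTAT_FILE
# Compares /etc/default/shellinabox with saved `netstat -nap` output.
# Prints one finding per line; returns 1 if anything was found.
audit_shellinabox() {
    conf=$1; sockets=$2; rc=0
    # Extract the settings with sed instead of sourcing a root-owned file.
    port=$(sed -n 's/^SHELLINABOX_PORT=//p' "$conf" | tail -n 1)
    args=$(sed -n 's/^SHELLINABOX_ARGS=//p' "$conf" | tail -n 1 | tr -d '"')
    port=${port:-4200}                      # default port per the article
    ssl_off=0; local_only=0
    case " $args " in *" --disable-ssl "*) ssl_off=1 ;; esac
    case " $args " in *" --localhost-only "*) local_only=1 ;; esac

    if [ "$ssl_off" = 1 ] && [ "$local_only" = 0 ]; then
        echo "CONFIG: --disable-ssl without --localhost-only sends logins over plain HTTP"
        rc=1
    fi
    # netstat -nap TCP columns: proto recvq sendq local foreign state pid/program
    bound=$(awk -v p="$port" '$1 ~ /^tcp/ && $6 == "LISTEN" && $7 ~ /shellinaboxd/ {
        n = split($4, a, ":"); if (a[n] == p) print $4 }' "$sockets")
    if [ -z "$bound" ]; then
        echo "RUNTIME: no shellinaboxd listener on port $port (restart pending?)"
        rc=1
    fi
    for addr in $bound; do
        case $addr in
            127.*|::1:*) ;;                 # loopback: reachable only via the local proxy
            *)  echo "RUNTIME: listening on $addr, reachable without the reverse proxy"
                if [ "$local_only" = 1 ]; then
                    echo "RUNTIME: --localhost-only is configured but not in effect"
                fi
                rc=1 ;;
        esac
    done
    return $rc
}

# Constructed sample input modelled on the article's config and netstat lines.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'SHELLINABOX_PORT=7676' \
        'SHELLINABOX_ARGS="--no-beep --disable-ssl --localhost-only"' > "$d/conf"
    printf '%s\n' 'tcp 0 0 0.0.0.0:7676 0.0.0.0:* LISTEN 1318/shellinaboxd' \
        'unix 3 [ ] STREAM CONNECTED 16176 1318/shellinaboxd' > "$d/net"
    audit_shellinabox "$d/conf" "$d/net" && s=0 || s=$?
    rm -rf "$d"; return "$s"
}
demo || true
```

On a real host, pass /etc/default/shellinabox and a file holding the output of sudo netstat -nap. Once the listener is on 127.0.0.1 and reached only through nginx, the ufw rule for port 7676 is no longer needed.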