Accessing SSH Through a browser using Shellinabox

Updating and maintaining our website anytime, anywhere are very crucial. Mostly i use my dedicated internet to access my server. But sometimes i use internet that has a proxy/firewall behind it. The bad news they block SSH port. Sigh 🙁

Then i need to make my server has a capability to SSH via browser. Shell In A Box (pronounced as shellinabox) has a capability to do that.

Install Shell In A Box
Since i use Ubuntu, run this command:

sudo apt-get updatesudo apt-get install openssl shellinabox

Since shellinabox disable root login by default, you have to create a new user

adduser username

Enter a password and then press enter each time you are prompted to fill some information, unless you want to fill it if you like.

Check if shellinabox is running

$sudo systemctl status shellinabox shellinabox.service - LSB: Shell In A Box Daemon   Loaded: loaded (/etc/init.d/shellinabox; bad; vendor preset: enabled)                                                                                Active: active (running) since Mon 2017-12-18 21:31:17 UTC; 19h ago     Docs: man:systemd-sysv-generator(8)                                                                                                               Process: 1232 ExecStart=/etc/init.d/shellinabox start (code=exited, status=0/SUCCESS)                                                                  Tasks: 2                                                                                                                                            Memory: 2.6M                                                                                                                                            CPU: 884ms                                                                                                                                        CGroup: /system.slice/shellinabox.service                                                                                                                    |-1318 /usr/bin/shellinaboxd -q --background=/var/run/ -c /var/lib/shellinabox -p 6116 -u shellinabox -g shellinabox --use           `-1319 /usr/bin/shellinaboxd -q --background=/var/run/ -c /var/lib/shellinabox -p 6116 -u shellinabox -g shellinabox --use

Changing default shellinabox port
By default, shellinabox listening on TCP port 4200. For the security reason, you have to change default port with others. In this case, i will change to port 7676.

sudo vim /etc/default/shellinabox
Should shellinaboxd start automaticallySHELLINABOX_DAEMON_START=1                                                                                                                                                                                                                                                                                # TCP port that shellinboxd's webserver listens onSHELLINABOX_PORT=7676                                                                                                                                                                                                                                                                                     # Parameters that are managed by the system and usually should not need# changing:# SHELLINABOX_DATADIR=/var/lib/shellinabox# SHELLINABOX_USER=shellinabox# SHELLINABOX_GROUP=shellinabox                                                                                                                                                     # Any optional arguments (e.g. extra service definitions).  Make sure# that that argument is quoted.##   Beeps are disabled because of reports of the VLC plugin crashing#   Firefox on Linux/x86_64.SHELLINABOX_ARGS="--no-beep --disable-ssl --localhost-only"

Then restart shellinbox service

sudo systemctl restart shellinabox

Verify shellinabox
Verify that shellinabox is listening to the port we have defined before.

$ sudo netstat -nap | grep shellinaboxtcp        0      0  *               LISTEN      1318/shellinaboxdunix  3      [ ]         STREAM     CONNECTED     16176    1318/shellinaboxd   unix  3      [ ]         STREAM     CONNECTED     16177    1319/shellinaboxd   unix  3      [ ]         STREAM     CONNECTED     15500    1318/shellinaboxd   

Configure your firewall
Make sure your firewall allow the port

$ sudo ufw allow 7676

Now, opened up your browser and navigate to (in other computer that can access any other port than 80 and 443).

See also  How to install and configure Apache Tomcat on CentOS 7

Proxy Pass the port
This part is the key. You need to use reverse proxy.
Put this snippet in your block server config.

server {# other config    location / {        proxy_pass; #shellinabox port    }# other config}

I use a subdomain to reverse proxy shellinbox proxy.

You should see a web terminal showing up (ie: Login using your username and password, and then you will see shell prompt. Now you can do anything as usually you do using other SSH client.