webssh/README.rst

WebSSH
------

|Build Status| |codecov| |PyPI - Python Version| |PyPI|

Introduction
------------

A simple web application to be used as an ssh client to connect to your
ssh servers. It is written in Python, base on tornado, paramiko and
xterm.js.

Features
--------

-  SSH password authentication supported, including empty password.
-  SSH public-key authentication supported, including DSA RSA ECDSA
   Ed25519 keys.
-  Encrypted keys supported.
-  Fullscreen terminal supported.
-  Terminal window resizable.
-  Auto detect the ssh server's default encoding.
-  Modern browsers including Chrome, Firefox, Safari, Edge, Opera
   supported.

Preview
-------

|Login| |Terminal|

How it works
~~~~~~~~~~~~

::

    +---------+     http     +--------+    ssh    +-----------+
    | browser | <==========> | webssh | <=======> | ssh server|
    +---------+   websocket  +--------+    ssh    +-----------+

Requirements
~~~~~~~~~~~~

-  Python 2.7/3.4+

Quickstart
~~~~~~~~~~

1. Install this app, run command ``pip install webssh``
2. Start a webserver, run command ``wssh``
3. Open your browser, navigate to ``127.0.0.1:8888``
4. Input your data, submit the form.

Server options
~~~~~~~~~~~~~~

.. code:: bash

    # start a http server with specified listen address and listen port
    wssh --address='2.2.2.2' --port=8000

    # start a https server, certfile and keyfile must be passed
    wssh --certfile='/path/to/cert.crt' --keyfile='/path/to/cert.key'

    # missing host key policy
    wssh --policy=reject

    # logging level
    wssh --logging=debug

    # log to file
    wssh --log-file-prefix=main.log

    # more options
    wssh --help

Browser console
~~~~~~~~~~~~~~~

.. code:: javascript

    // connect to your ssh server
    wssh.connect(hostname, port, username, password, privatekey);

    // pass an object to wssh.connect
    var opts = {
      hostname: 'hostname',
      port: 'port',
      username: 'username',
      password: 'password',
      privatekey: 'the private key text'
    };
    wssh.connect(opts);

    // without an argument, wssh will use the form data to connect
    wssh.connect();

    // set a new encoding for client to use
    wssh.set_encoding(encoding);

    // reset encoding to use the default one
    wssh.reset_encoding();

    // send a command to the server
    wssh.send('ls -l');

URL Arguments
~~~~~~~~~~~~~

Spport passing arugments by url (hash or search) like following
examples:

Passing form data

.. code:: bash

    http://localhost:8888/?hostname=xx&username=yy

Passing a terminal background color

.. code:: bash

    http://localhost:8888/#bgcolor=green

Passing a user defined title

.. code:: bash

    http://localhost:8888/?title=my-webssh-server

Use Docker
~~~~~~~~~~

Start up the app

::

    docker-compose up

Tear down the app

::

    docker-compose down

Tests
~~~~~

Use unittest to run all tests

::

    python -m unittest discover tests

Use pytest to run all tests

::

    python -m pytest tests

Deployment
~~~~~~~~~~

Running behind an Nginx server

.. code:: bash

    wssh --address='127.0.0.1' --port=8888 --policy=reject

.. code:: nginx

    # Nginx config example
    location / {
        proxy_pass http://127.0.0.1:8888;
        proxy_http_version 1.1;
        proxy_read_timeout 300;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Real-PORT $remote_port;
    }

Running as a standalone server

.. code:: bash

    wssh --port=8080 --sslport=4433 --certfile='cert.crt' --keyfile='cert.key' --xheaders=False --policy=reject

Tips
----

-  For whatever deployment choice you choose, don't forget to enable
   SSL.
-  By default plain http requests from a public network will be either
   redirected or blocked and being redirected takes precedence over
   being blocked.
-  Try to use reject policy as the missing host key policy along with
   your verified known\_hosts, this will prevent man-in-the-middle
   attacks. The idea is that it checks the system host keys
   file("~/.ssh/known\_hosts") and the application host keys
   file("./known\_hosts") in order, if the ssh server's hostname is not
   found or the key is not matched, the connection will be aborted.

.. |Build Status| image:: https://travis-ci.org/huashengdun/webssh.svg?branch=master
   :target: https://travis-ci.org/huashengdun/webssh
.. |codecov| image:: https://codecov.io/gh/huashengdun/webssh/branch/master/graph/badge.svg
   :target: https://codecov.io/gh/huashengdun/webssh
.. |PyPI - Python Version| image:: https://img.shields.io/pypi/pyversions/webssh.svg
.. |PyPI| image:: https://img.shields.io/pypi/v/webssh.svg
.. |Login| image:: https://github.com/huashengdun/webssh/raw/master/preview/login.png
.. |Terminal| image:: https://github.com/huashengdun/webssh/raw/master/preview/terminal.png
Added README.rst 7 years ago			`WebSSH`
			`------`

Updated README 7 years ago			`\|Build Status\| \|codecov\| \|PyPI - Python Version\| \|PyPI\|`
Added README.rst 7 years ago
Updated README 6 years ago			`Introduction`
			`------------`

Added README.rst 7 years ago			`A simple web application to be used as an ssh client to connect to your`
Update README 6 years ago			`ssh servers. It is written in Python, base on tornado, paramiko and`
			`xterm.js.`
Added README.rst 7 years ago
			`Features`
Updated README 6 years ago			`--------`
Added README.rst 7 years ago
			`- SSH password authentication supported, including empty password.`
			`- SSH public-key authentication supported, including DSA RSA ECDSA`
			`Ed25519 keys.`
			`- Encrypted keys supported.`
			`- Fullscreen terminal supported.`
			`- Terminal window resizable.`
Updated README 6 years ago			`- Auto detect the ssh server's default encoding.`
Updated README 6 years ago			`- Modern browsers including Chrome, Firefox, Safari, Edge, Opera`
			`supported.`
Updated README 6 years ago
			`Preview`
			`-------`

			`\|Login\| \|Terminal\|`

Updated README and version 6 years ago			`How it works`
			`~~~~~~~~~~~~`

			`::`

			`+---------+ http +--------+ ssh +-----------+`
			`\| browser \| <==========> \| webssh \| <=======> \| ssh server\|`
			`+---------+ websocket +--------+ ssh +-----------+`

Update README 6 years ago			`Requirements`
			`~~~~~~~~~~~~`
Updated README 6 years ago
			`- Python 2.7/3.4+`
Added README.rst 7 years ago
Update README 6 years ago			`Quickstart`
			`~~~~~~~~~~`

Updated README 6 years ago			1. Install this app, run command ``pip install webssh``
			2. Start a webserver, run command ``wssh``
Update README 6 years ago			3. Open your browser, navigate to ``127.0.0.1:8888``
			`4. Input your data, submit the form.`

			`Server options`
			`~~~~~~~~~~~~~~`

			`.. code:: bash`

Updated README 6 years ago			`# start a http server with specified listen address and listen port`
Updated README 6 years ago			`wssh --address='2.2.2.2' --port=8000`
Added README.rst 7 years ago
Updated README 6 years ago			`# start a https server, certfile and keyfile must be passed`
			`wssh --certfile='/path/to/cert.crt' --keyfile='/path/to/cert.key'`
Updated README 6 years ago
Updated version 6 years ago			`# missing host key policy`
Added README.rst 7 years ago			`wssh --policy=reject`

Updated version 6 years ago			`# logging level`
Added README.rst 7 years ago			`wssh --logging=debug`

			`# log to file`
			`wssh --log-file-prefix=main.log`

			`# more options`
			`wssh --help`

Updated README 6 years ago			`Browser console`
			`~~~~~~~~~~~~~~~`
Update README 6 years ago
			`.. code:: javascript`

			`// connect to your ssh server`
			`wssh.connect(hostname, port, username, password, privatekey);`

Updated version 6 years ago			`// pass an object to wssh.connect`
Update README 6 years ago			`var opts = {`
			`hostname: 'hostname',`
			`port: 'port',`
			`username: 'username',`
			`password: 'password',`
			`privatekey: 'the private key text'`
			`};`
			`wssh.connect(opts);`

Updated README and version 6 years ago			`// without an argument, wssh will use the form data to connect`
			`wssh.connect();`

			`// set a new encoding for client to use`
			`wssh.set_encoding(encoding);`

			`// reset encoding to use the default one`
			`wssh.reset_encoding();`

Update README 6 years ago			`// send a command to the server`
			`wssh.send('ls -l');`

Updated README 6 years ago			`URL Arguments`
			`~~~~~~~~~~~~~`

			`Spport passing arugments by url (hash or search) like following`
			`examples:`

			`Passing form data`

			`.. code:: bash`

			`http://localhost:8888/?hostname=xx&username=yy`

			`Passing a terminal background color`

			`.. code:: bash`

			`http://localhost:8888/#bgcolor=green`

			`Passing a user defined title`

			`.. code:: bash`

			`http://localhost:8888/?title=my-webssh-server`

Updated README 6 years ago			`Use Docker`
			`~~~~~~~~~~`

			`Start up the app`

			`::`

			`docker-compose up`

			`Tear down the app`

			`::`

			`docker-compose down`

Updated README 6 years ago			`Tests`
			`~~~~~`

Updated README 6 years ago			`Use unittest to run all tests`
Updated README 6 years ago
			`::`

			`python -m unittest discover tests`

Updated README 6 years ago			`Use pytest to run all tests`
Updated README 6 years ago
			`::`

			`python -m pytest tests`

Updated README 6 years ago			`Deployment`
			`~~~~~~~~~~`

			`Running behind an Nginx server`

			`.. code:: bash`

			`wssh --address='127.0.0.1' --port=8888 --policy=reject`
Added README.rst 7 years ago
Update README 6 years ago			`.. code:: nginx`
Added README.rst 7 years ago
Updated README 6 years ago			`# Nginx config example`
Added README.rst 7 years ago			`location / {`
			`proxy_pass http://127.0.0.1:8888;`
			`proxy_http_version 1.1;`
			`proxy_read_timeout 300;`
			`proxy_set_header Upgrade $http_upgrade;`
			`proxy_set_header Connection "upgrade";`
			`proxy_set_header Host $http_host;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Real-PORT $remote_port;`
			`}`

Updated README 6 years ago			`Running as a standalone server`

			`.. code:: bash`

Fixed typo 6 years ago			`wssh --port=8080 --sslport=4433 --certfile='cert.crt' --keyfile='cert.key' --xheaders=False --policy=reject`
Updated README 6 years ago
Added README.rst 7 years ago			`Tips`
Updated README 6 years ago			`----`
Added README.rst 7 years ago
Updated README 6 years ago			`- For whatever deployment choice you choose, don't forget to enable`
			`SSL.`
Updated README 6 years ago			`- By default plain http requests from a public network will be either`
			`redirected or blocked and being redirected takes precedence over`
			`being blocked.`
Added README.rst 7 years ago			`- Try to use reject policy as the missing host key policy along with`
			`your verified known\_hosts, this will prevent man-in-the-middle`
			`attacks. The idea is that it checks the system host keys`
			`file("~/.ssh/known\_hosts") and the application host keys`
			`file("./known\_hosts") in order, if the ssh server's hostname is not`
Fixed typo 6 years ago			`found or the key is not matched, the connection will be aborted.`
Added README.rst 7 years ago
			`.. \|Build Status\| image:: https://travis-ci.org/huashengdun/webssh.svg?branch=master`
			`:target: https://travis-ci.org/huashengdun/webssh`
			`.. \|codecov\| image:: https://codecov.io/gh/huashengdun/webssh/branch/master/graph/badge.svg`
			`:target: https://codecov.io/gh/huashengdun/webssh`
Updated README 7 years ago			`.. \|PyPI - Python Version\| image:: https://img.shields.io/pypi/pyversions/webssh.svg`
			`.. \|PyPI\| image:: https://img.shields.io/pypi/v/webssh.svg`
Added README.rst 7 years ago			`.. \|Login\| image:: https://github.com/huashengdun/webssh/raw/master/preview/login.png`
			`.. \|Terminal\| image:: https://github.com/huashengdun/webssh/raw/master/preview/terminal.png`