You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
webssh/README.rst

121 lines
3.1 KiB

7 years ago
WebSSH
------
7 years ago
|Build Status| |codecov| |PyPI - Python Version| |PyPI|
7 years ago
6 years ago
Introduction
------------
7 years ago
A simple web application to be used as an ssh client to connect to your
ssh servers. It is written in Python, base on tornado and paramiko.
6 years ago
::
7 years ago
6 years ago
+---------+ http +--------+ ssh +-----------+
| browser | <==========> | webssh | <=======> | ssh server|
+---------+ websocket +--------+ ssh +-----------+
7 years ago
Features
6 years ago
--------
7 years ago
- SSH password authentication supported, including empty password.
- SSH public-key authentication supported, including DSA RSA ECDSA
Ed25519 keys.
- Encrypted keys supported.
- Fullscreen terminal supported.
- Terminal window resizable.
6 years ago
- Auto detect the ssh server's default encoding.
Preview
-------
|Login| |Terminal|
Requirement
~~~~~~~~~~~
- Python 2.7/3.4+
7 years ago
Instructions
~~~~~~~~~~~~
::
pip install webssh
wssh
Options
~~~~~~~
::
6 years ago
# listen address and port
7 years ago
wssh --address='0.0.0.0' --port=8000
6 years ago
# missing host key policy
7 years ago
wssh --policy=reject
6 years ago
# logging level
7 years ago
wssh --logging=debug
# log to file
wssh --log-file-prefix=main.log
# more options
wssh --help
6 years ago
Tests
~~~~~
6 years ago
Use unittest to run all tests
6 years ago
::
python -m unittest discover tests
6 years ago
Use pytest to run all tests
6 years ago
::
python -m pytest tests
An example of config for running this app behind an Nginx server
7 years ago
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
::
location / {
proxy_pass http://127.0.0.1:8888;
proxy_http_version 1.1;
proxy_read_timeout 300;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-PORT $remote_port;
}
Tips
6 years ago
----
7 years ago
- Try to use Nginx as a front web server (see config example above) and
enable SSL, this will prevent your ssh credentials from being
uncovered. Also afterwards the communication between your browser and
the web server will be encrypted as they use secured websockets.
- Try to use reject policy as the missing host key policy along with
your verified known\_hosts, this will prevent man-in-the-middle
attacks. The idea is that it checks the system host keys
file("~/.ssh/known\_hosts") and the application host keys
file("./known\_hosts") in order, if the ssh server's hostname is not
found or the key is not matched, the connection will be aborted.
.. |Build Status| image:: https://travis-ci.org/huashengdun/webssh.svg?branch=master
:target: https://travis-ci.org/huashengdun/webssh
.. |codecov| image:: https://codecov.io/gh/huashengdun/webssh/branch/master/graph/badge.svg
:target: https://codecov.io/gh/huashengdun/webssh
7 years ago
.. |PyPI - Python Version| image:: https://img.shields.io/pypi/pyversions/webssh.svg
.. |PyPI| image:: https://img.shields.io/pypi/v/webssh.svg
7 years ago
.. |Login| image:: https://github.com/huashengdun/webssh/raw/master/preview/login.png
.. |Terminal| image:: https://github.com/huashengdun/webssh/raw/master/preview/terminal.png