Yeah, I'll admit it sound's pretty far fetched, but I have found an ultra cool package that could provide exactly such an emergency functionality: Webshell 0.9.6 It runs as a local python service and allows login via an AJAX enabled browser.
Behind the scenes, the browser client communicates with the python service, and the python service acts as an SSH client to access the local SSH service. On the surface, this could be a problem, as the browser to python connection would normally be unencrypted. This issue can be mitigated by install OpenSSL support for python. Unfortunately, the pOpenSSL package wasn't in my Fedora repo, so I had to grab it from Pbone.
I made a couple tweaks to my install. I changed the port from the default 8022:
sed -i "s/8022/???/g" webshell.pyAnd since we always change the SSH port of outside servers:
sed -i "s/in +' loc/in +' -p ???? loc/" webshell.pyAnd added some headspace to the top of the page:
sed -i "s/margin:0;/margin:25px 0px 0px 0px;/" \And changed the font from 10 to 12:
www/webshell.css
sed -i "s/font:10/font:12/g" www/webshell.css
Once you change the font size, you'll need to change the default background or remove the JPG for solid black.
The documentation is a little unclear on the fact that the program, by default, only listens on 127.0.0.1, so you have to launch the script with -i 0.0.0.0 to accept outside connections. Of course, you'll have to build your own SysV start script.
A side note, there are websites that run this program as a free service to let you web into their server, then hop over to yours. You probably don't want to use those free services. Sure, its SSL from you to them, and SSH from them to your server, but what's the protocol that encrypts the link between the SSL and SSH? can you say none?
No comments:
Post a Comment