1
|
'\" t
|
2
|
.\" shellinaboxd.man -- Make command line applications available as AJAX web applications
|
3
|
.\" Copyright (C) 2008-2010 Markus Gutschke <markus@shellinabox.com>
|
4
|
.\"
|
5
|
.\" This program is free software; you can redistribute it and/or modify
|
6
|
.\" it under the terms of the GNU General Public License version 2 as
|
7
|
.\" published by the Free Software Foundation.
|
8
|
.\"
|
9
|
.\" This program is distributed in the hope that it will be useful,
|
10
|
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
|
11
|
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
12
|
.\" GNU General Public License for more details.
|
13
|
.\"
|
14
|
.\" You should have received a copy of the GNU General Public License along
|
15
|
.\" with this program; if not, write to the Free Software Foundation, Inc.,
|
16
|
.\" 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
17
|
.\"
|
18
|
.\" In addition to these license terms, the author grants the following
|
19
|
.\" additional rights:
|
20
|
.\"
|
21
|
.\" If you modify this program, or any covered work, by linking or
|
22
|
.\" combining it with the OpenSSL project's OpenSSL library (or a
|
23
|
.\" modified version of that library), containing parts covered by the
|
24
|
.\" terms of the OpenSSL or SSLeay licenses, the author
|
25
|
.\" grants you additional permission to convey the resulting work.
|
26
|
.\" Corresponding Source for a non-source form of such a combination
|
27
|
.\" shall include the source code for the parts of OpenSSL used as well
|
28
|
.\" as that of the covered work.
|
29
|
.\"
|
30
|
.\" You may at your option choose to remove this additional permission from
|
31
|
.\" the work, or from any part of it.
|
32
|
.\"
|
33
|
.\" It is possible to build this program in a way that it loads OpenSSL
|
34
|
.\" libraries at run-time. If doing so, the following notices are required
|
35
|
.\" by the OpenSSL and SSLeay licenses:
|
36
|
.\"
|
37
|
.\" This product includes software developed by the OpenSSL Project
|
38
|
.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)
|
39
|
.\"
|
40
|
.\" This product includes cryptographic software written by Eric Young
|
41
|
.\" (eay@cryptsoft.com)
|
42
|
.\"
|
43
|
.\"
|
44
|
.\" The most up-to-date version of this program is always available from
|
45
|
.\" http://shellinabox.com
|
46
|
.\"
|
47
|
.TH SHELLINABOXD 1 "Sep 11, 2010"
|
48
|
.SH NAME
|
49
|
shellinaboxd \- publish command line shell through AJAX interface
|
50
|
.SH SYNOPSIS
|
51
|
.TP
|
52
|
.B shellinaboxd
|
53
|
[\ \fB-b\fP\ | \fB--background\fP[\fB=\fP\fIpidfile\fP]\ ]
|
54
|
[\ \fB-c\fP\ | \fB--cert=\fP\fIcertdir\fP\ ]
|
55
|
[\ \fB--cert-fd=\fP\fIfd\fP\ ]
|
56
|
[\ \fB--css=\fP\fIfilename\fP\ ]
|
57
|
[\ \fB--cgi\fP[\fB=\fP\fIportrange\fP]\ ]
|
58
|
[\ \fB-d\fP\ | \fB--debug\fP\ ]
|
59
|
[\ \fB-f\fP\ | \fB--static-file=\fP\fIurl\fP:\fIfile\fP\ ]
|
60
|
[\ \fB-g\fP\ | \fB--group=\fP\fIgid\fP\ ]
|
61
|
[\ \fB-h\fP\ | \fB--help\fP\ ]
|
62
|
[\ \fB--linkify\fP=[\fBnone\fP|\fBnormal\fP|\fBaggressive\fP]\ ]
|
63
|
[\ \fB--localhost-only\fP\ ]
|
64
|
[\ \fB--no-beep\fP\ ]
|
65
|
[\ \fB-n\fP\ | \fB--numeric\fP\ ]
|
66
|
[\ \fB--pidfile=\fP\fIpidfile\fP\ ]
|
67
|
[\ \fB-p\fP\ | \fB--port=\fP\fIport\fP\ ]
|
68
|
[\ \fB-s\fP\ | \fB--service=\fP\fIservice\fP\ ]
|
69
|
[\ \fB-t\fP\ | \fB--disable-ssl\fP\ ]
|
70
|
[\ \fB--disable-ssl-menu\fP\ ]
|
71
|
[\ \fB-q\fP\ | \fB--quiet\fP\ ]
|
72
|
[\ \fB-u\fP\ | \fB--user=\fP\fIuid\fP\ ]
|
73
|
[\ \fB--user-css=\fP\fIstyles\fP\ ]
|
74
|
[\ \fB-v\fP\ | \fB--verbose\fP\ ]
|
75
|
[\ \fB--version\fP\ ]
|
76
|
.SH DESCRIPTION
|
77
|
The
|
78
|
.B shellinaboxd
|
79
|
daemon implements a webserver that listens on the specified
|
80
|
.IR port .
|
81
|
The web server publishes one or more
|
82
|
.I services
|
83
|
that will be displayed in a VT100 emulator implemented as an AJAX web
|
84
|
application. By default, the port is 4200 and the default service URL is
|
85
|
.IR http://localhost:4200/ .
|
86
|
.P
|
87
|
If no particular
|
88
|
.I service
|
89
|
was requested, the server launches
|
90
|
.B /bin/login
|
91
|
querying the user for their username and password. It then starts the
|
92
|
user's default login shell.
|
93
|
.P
|
94
|
Any modern JavaScript and CSS enabled browser will be able to access the
|
95
|
published
|
96
|
.I service
|
97
|
without requiring additional plugins.
|
98
|
.SH OPTIONS
|
99
|
The following command line parameters control the operation of the daemon:
|
100
|
.TP \w'\-b\ |\ 'u
|
101
|
\fB-b\fP\ | \fB--background\fP[\fB=\fP\fIpidfile\fP]
|
102
|
Launch
|
103
|
.B shellinaboxd
|
104
|
as a background daemon process. Optionally, write the process id to
|
105
|
.IR pidfile .
|
106
|
.TP
|
107
|
\fB-c\fP\ |\ \fB--cert=\fP\fIcertdir\fP
|
108
|
If built with SSL/TLS support enabled, the daemon will look in
|
109
|
.I certdir
|
110
|
for any certificates. If unspecified, this defaults to the current
|
111
|
working directory.
|
112
|
|
113
|
If the browser negotiated a
|
114
|
.B Server Name Identification
|
115
|
the daemon will look for a matching
|
116
|
.I certificate-\f[BI]SERVERNAME\fP.pem
|
117
|
file. This allows for virtual hosting of multiple server names on the
|
118
|
same IP address and port.
|
119
|
|
120
|
If no
|
121
|
.B SNI
|
122
|
handshake took place, it falls back on using the certificate in the
|
123
|
.I certificate.pem
|
124
|
file.
|
125
|
|
126
|
The administrator should make sure that there are matching
|
127
|
certificates for each of the virtual hosts on this server, and that
|
128
|
there is a generic
|
129
|
.I certificate.pem
|
130
|
file.
|
131
|
|
132
|
If no suitable certificate is installed,
|
133
|
.B shellinaboxd
|
134
|
will attempt to invoke
|
135
|
.B /usr/bin/openssl
|
136
|
and create a new self-signed certificate. This only succeeds if, after
|
137
|
dropping privileges,
|
138
|
.B shell\%ina\%boxd
|
139
|
has write permissions for
|
140
|
.IR certdir .
|
141
|
|
142
|
Most browsers show a warning message when encountering a self-signed
|
143
|
certificate and then allow the user the option of accepting the
|
144
|
certificate. Due to this usability problem, and due to the perceived
|
145
|
security implications, the use of auto-generated self-signed
|
146
|
certificates is intended for testing or in intranet deployments, only.
|
147
|
.TP
|
148
|
\fB--cert-fd=\fP\fIfd\fP
|
149
|
Instead of providing a
|
150
|
.B --cert
|
151
|
directory, it is also possible to provide a filedescriptor
|
152
|
.I fd
|
153
|
where the certificate and key can be retrieved. While this option disables
|
154
|
.B SNI
|
155
|
support, it does offer an alternative solution for securely providing
|
156
|
the private key data to the daemon.
|
157
|
.TP
|
158
|
\fB--css=\fP\fIfilename\fP
|
159
|
Sometimes, it is not necessary to replace the entire style sheet using the
|
160
|
.B --static-file
|
161
|
option. But instead a small incremental change should be made to the visual
|
162
|
appearance of the terminal. The
|
163
|
.B --css
|
164
|
option provides a means to append additional style rules to the end of
|
165
|
the default
|
166
|
.B styles.css
|
167
|
sheet. More than one
|
168
|
.B --css
|
169
|
option can be given on the same command line.
|
170
|
.TP
|
171
|
\fB--cgi\fP[\fB=\fP\fIportrange\fP]
|
172
|
Instead of running
|
173
|
.B shellinaboxd
|
174
|
as a permanent process, it can be demand-loaded as a CGI web server
|
175
|
extension. When doing so, it will spawn a server that lives for the
|
176
|
duration of the user's session. If an optional
|
177
|
.I portrange
|
178
|
of the form
|
179
|
.BR MINPORT-MAXPORT
|
180
|
has been provided, the server limits itself to these port numbers. They
|
181
|
should be configured to pass through the firewall.
|
182
|
|
183
|
The
|
184
|
.B --cgi
|
185
|
option is mutually exclusive with the
|
186
|
.BR --background ,
|
187
|
.B --pidfile
|
188
|
and
|
189
|
.B --port
|
190
|
options.
|
191
|
|
192
|
In order to be useful as a CGI script, the
|
193
|
.B shellinaboxd
|
194
|
binary probably will have to be made
|
195
|
.BR setuid-root .
|
196
|
This is currently a discouraged configuration. Use with care.
|
197
|
.TP
|
198
|
\fB-d\fP\ |\ \fB--debug\fP
|
199
|
Enables debugging mode, resulting in lots of log messages on
|
200
|
.IR stderr .
|
201
|
This option is mutually exclusive with
|
202
|
.B --quiet
|
203
|
and
|
204
|
.BR --verbose .
|
205
|
.TP
|
206
|
\fB-f\fP\ |\ \fB--static-file=\fP\fIurl\fP:\fIfile\fP
|
207
|
The daemon serves various built-in resources from URLs underneath the
|
208
|
.I service
|
209
|
mount points. One or more
|
210
|
.B --static-file
|
211
|
options allow for overriding these resources with customized externally
|
212
|
provided
|
213
|
.IR files .
|
214
|
The
|
215
|
.I url
|
216
|
can either be an absolute or a relative path. In the former case, it overrides
|
217
|
exactly one built-in resource for one specific
|
218
|
.IR service ,
|
219
|
whereas in the latter case it overrides resources for each defined
|
220
|
.IR service .
|
221
|
|
222
|
The following resources are available for customization:
|
223
|
.RS
|
224
|
.TP \w'ShellInABox.js\ \ \ 'u
|
225
|
.B beep.wav
|
226
|
audio sample that gets played whenever the terminal BEL is sounded.
|
227
|
.TP
|
228
|
.B favicon.ico
|
229
|
favicon image file that is displayed in the browser's navigation bar.
|
230
|
.TP
|
231
|
.B ShellInABox.js
|
232
|
JavaScript file implementing the AJAX terminal emulator.
|
233
|
.TP
|
234
|
.B styles.css
|
235
|
CSS style file that controls the visual appearance of the terminal.
|
236
|
.TP
|
237
|
.B print-styles.css
|
238
|
CSS style file that controls the visual appearance of printed pages when using
|
239
|
the VT100 transparent printing feature.
|
240
|
.P
|
241
|
It is not recommended to override the root HTML page for a particular
|
242
|
.IR service .
|
243
|
Instead, move the service to an anonymous URL and serve a
|
244
|
.I static-file
|
245
|
that references the
|
246
|
.I service
|
247
|
in an
|
248
|
.IR <iframe> .
|
249
|
|
250
|
Instead of a
|
251
|
.IR file ,
|
252
|
it is possible to provide the name of a directory. This turns
|
253
|
.B shellinaboxd
|
254
|
into a simple web server that publishes all of the files in that
|
255
|
particular directory. This option can be helpful when publishing a more
|
256
|
complex root HTML page.
|
257
|
.RE
|
258
|
.TP
|
259
|
\fB-g\fP\ |\ \fB--group=\fP\fIgid\fP
|
260
|
When started as
|
261
|
.BR root ,
|
262
|
the server drops most privileges at start up. Unless overridden by the
|
263
|
.B --group
|
264
|
option, it switches to
|
265
|
.BR nogroup .
|
266
|
|
267
|
When already running as an unprivileged user, group changes are not
|
268
|
possible.
|
269
|
|
270
|
If running with SSL/TLS support enabled, the certificates must be
|
271
|
accessible to the unprivileged user and/or group that the daemon
|
272
|
runs as.
|
273
|
.TP
|
274
|
\fB-h\fP\ |\ \fB--help\fP
|
275
|
Display a brief usage message showing the valid command line parameters.
|
276
|
.TP
|
277
|
\fB--linkify\fP=[\fBnone\fP|\fBnormal\fP|\fBaggressive\fP]
|
278
|
the daemon attempts to recognize URLs in the terminal output and makes them
|
279
|
clickable. This is not neccessarily a fool-proof process and both false
|
280
|
negatives and false positives are possible. By default, only URLs starting
|
281
|
with a well known protocol of
|
282
|
.BR http:// ,\ https:// ,\ ftp:// ,\ or\ mailto:
|
283
|
are recognized. In
|
284
|
.B aggressive
|
285
|
mode, anything that looks like a hostname, URL or e-mail address is
|
286
|
recognized, even if not preceded by a protocol.
|
287
|
.TP
|
288
|
\fB--localhost-only\fP
|
289
|
Normally,
|
290
|
.B shellinaboxd
|
291
|
listens on all available network interfaces. When operating behind a
|
292
|
reverse-proxy that is not always desirable. This command line option
|
293
|
tells the daemon to only listen on the loopback interface.
|
294
|
.TP
|
295
|
\fB--no-beep\fP
|
296
|
not only are audible signals undesired in some working environments, but
|
297
|
browser support for media playback is often buggy, too. Setting this option
|
298
|
suppresses all audio playback and enables the visual bell by default.
|
299
|
.TP
|
300
|
\fB-n\fP\ |\ \fB--numeric\fP
|
301
|
When running in
|
302
|
.B --verbose
|
303
|
mode, the daemon prints an
|
304
|
.IR Apache -style
|
305
|
log file to
|
306
|
.IR stderr .
|
307
|
By default, host names of peers get resolved
|
308
|
before logging them. As DNS look-ups can be expensive, it is possible
|
309
|
to request logging of numeric IP addresses, instead.
|
310
|
.TP
|
311
|
\fB--pidfile=\fP\fIpidfile\fP
|
312
|
The
|
313
|
.B shellinaboxd
|
314
|
daemon can be configured to store its process identifier in
|
315
|
.IR pidfile .
|
316
|
.TP
|
317
|
\fB-p\fP\ |\ \fB--port=\fP\fIport\fP
|
318
|
Unless overridden by this option, the web server listens on port 4200
|
319
|
for incoming HTTP and HTTPS requests.
|
320
|
|
321
|
.B shellinaboxd
|
322
|
can distinguish between SSL/TLS requests and unencrypted requests. It
|
323
|
also knows how to negotiate
|
324
|
.B Server Name
|
325
|
.BR Identification ,
|
326
|
allowing the use of a single port for all types of requests even when
|
327
|
virtual hosting.
|
328
|
.TP
|
329
|
\fB-s\fP\ |\ \fB--service=\fP\fIservice\fP
|
330
|
One or more services can be registered on different URL paths:
|
331
|
.in +4
|
332
|
\fISERVICE\fP := <url-path> ':' \fIAPPLICATION\fP
|
333
|
.in
|
334
|
|
335
|
There is a pre-defined \fIapplication\fP, 'LOGIN', which causes the
|
336
|
daemon to invoke
|
337
|
.B /bin/login
|
338
|
requesting the user's name and password, and starting his
|
339
|
login shell. This is the default option for the
|
340
|
.B root
|
341
|
user, if no
|
342
|
.B --service
|
343
|
was defined. Starting
|
344
|
.B /bin/login
|
345
|
requires
|
346
|
.B root
|
347
|
privileges.
|
348
|
|
349
|
There is
|
350
|
another
|
351
|
pre-defined \fIapplication\fP, 'SSH'.
|
352
|
Instead of invoking
|
353
|
.BR /bin/login ,
|
354
|
it
|
355
|
calls
|
356
|
.BR ssh .
|
357
|
This is the default
|
358
|
option for unprivileged users,
|
359
|
if no
|
360
|
.B --service
|
361
|
was defined. This operation is available to both privileged and regular
|
362
|
users. If the optional \fIhost\fP parameter is omitted,
|
363
|
.B shellinaboxd
|
364
|
connects to
|
365
|
.BR localhost .
|
366
|
|
367
|
Alternatively, an \fIapplication\fP can be specified by providing a
|
368
|
\fIuser\fP description, a working directory, and a command line:
|
369
|
.in +4
|
370
|
\fIAPPLICATION\fP := 'LOGIN' | 'SSH' [ ':' <host> ] | \fIUSER\fP ':' \fICWD\fP ':' \fICMD\fP
|
371
|
|
372
|
.in
|
373
|
The keyword 'AUTH' indicates that the \fIuser\fP information should
|
374
|
be requested interactively, instead of being provided as part of the
|
375
|
\fIservice\fP description:
|
376
|
.in +4
|
377
|
\fIUSER\fP := 'AUTH' |
|
378
|
<username> ':' <groupname>
|
379
|
.in
|
380
|
|
381
|
The working directory can either be given as an absolute path, or it
|
382
|
can be the user's home directory:
|
383
|
.in +4
|
384
|
\fICWD\fP := 'HOME' : <dir>
|
385
|
.in
|
386
|
|
387
|
The command that
|
388
|
.B shellinaboxd
|
389
|
executes can either be specified as the 'SHELL' keyword, denoting the user's
|
390
|
default login shell, or an arbitrary command line:
|
391
|
.in +4
|
392
|
\fICMD\fP := 'SHELL' : <cmdline>
|
393
|
.in
|
394
|
|
395
|
The <cmdline> supports expansion of variables of the form ${VAR}.
|
396
|
Supported variables are:
|
397
|
.RS
|
398
|
.TP \w'${columns}\ \ 'u
|
399
|
.B ${columns}
|
400
|
number of columns.
|
401
|
.TP
|
402
|
.B ${gid}
|
403
|
numeric group id.
|
404
|
.TP
|
405
|
.B ${group}
|
406
|
group name.
|
407
|
.TP
|
408
|
.B ${home}
|
409
|
home directory.
|
410
|
.TP
|
411
|
.B ${lines}
|
412
|
number of rows.
|
413
|
.TP
|
414
|
.B ${peer}
|
415
|
name of remote peer.
|
416
|
.TP
|
417
|
.B ${uid}
|
418
|
numeric user id.
|
419
|
.TP
|
420
|
.B ${url}
|
421
|
the URL that serves the terminal session.
|
422
|
.TP
|
423
|
.B ${user}
|
424
|
user name.
|
425
|
.P
|
426
|
Other than the default environment variables of
|
427
|
.BR $TERM ,
|
428
|
.B $COLUMNS
|
429
|
and
|
430
|
.BR $LINES ,
|
431
|
services can have environment variables passed to them, by preceding
|
432
|
the <cmdline> with space separated variable assignments of the form
|
433
|
.IR KEY = VALUE .
|
434
|
|
435
|
The <cmdline> supports single and double quotes, as well as
|
436
|
backslashes for escaping characters in the familiar fashion.
|
437
|
|
438
|
Please note that when invoking
|
439
|
.B shellinaboxd
|
440
|
from a command line shell, additional quoting might be required to
|
441
|
prevent the shell from expanding the variables prior to passing them
|
442
|
to the daemon.
|
443
|
|
444
|
If no explicit
|
445
|
.B --service
|
446
|
has been requested,
|
447
|
.B shellinaboxd
|
448
|
defaults to attaching the default service to the root directory of the web
|
449
|
server. For
|
450
|
.BR root ,
|
451
|
this is
|
452
|
.BR /bin/login ,
|
453
|
and for unprivileged users, this is \fBssh localhost\fP. This is equivalent
|
454
|
to saying
|
455
|
.BR --service=/:LOGIN ,
|
456
|
or
|
457
|
.BR --service=/:SSH ,
|
458
|
respectively.
|
459
|
.RE
|
460
|
.TP
|
461
|
\fB-t\fP\ |\ \fB--disable-ssl\fP
|
462
|
By default,
|
463
|
.B shellinaboxd
|
464
|
redirectes all incoming HTTP requests to their equivalent HTTPS
|
465
|
URLs. If promoting of connections to encrypted SSL/TLS sessions is
|
466
|
undesired, this behavior can be disabled.
|
467
|
|
468
|
This option is also useful during testing or for deployment in trusted
|
469
|
intranets, if SSL certificates are unavailable.
|
470
|
.TP
|
471
|
\fB--disable-ssl-menu\fP
|
472
|
If the user should not be able to switch between HTTP and HTTPS modes, this
|
473
|
choice can be removed from the context menu. The user can still make this
|
474
|
choice by directly going to the appropriate URL.
|
475
|
.TP
|
476
|
\fB-q\fP\ |\ \fB--quiet\fP
|
477
|
Surpresses all messages to
|
478
|
.IR stderr .
|
479
|
This option is mutually exclusive with
|
480
|
.B --debug
|
481
|
and
|
482
|
.BR --verbose .
|
483
|
.TP
|
484
|
\fB-u\fP\ |\ \fB--user=\fP\fIuid\fP
|
485
|
If started as
|
486
|
.BR root ,
|
487
|
the server drops privileges by changing to
|
488
|
.BR nobody ,
|
489
|
unless the
|
490
|
.I uid
|
491
|
has been overridden by this option.
|
492
|
|
493
|
For more details, refer to the description of the
|
494
|
.B --group
|
495
|
option.
|
496
|
.TP
|
497
|
\fB--user-css=\fP\fIstyles\fP
|
498
|
The visual appearance of the terminal emulator can be customized
|
499
|
through user-selectable style sheets. These style sheets will show up
|
500
|
as options in the right-click context menu of the terminal emulator.
|
501
|
|
502
|
Styles sheet make up either independently selectable on/off options,
|
503
|
or multiple style sheets can be grouped together. When forming a group,
|
504
|
only one member of the group can be active at any given time. This is
|
505
|
used for multiple-choice options.
|
506
|
|
507
|
Multiple independent groups are separated by semicolons:
|
508
|
.in +4
|
509
|
\fISTYLES\fP := \fIGROUP\fP { ';' \fIGROUP\fP }*
|
510
|
.in
|
511
|
|
512
|
The members of a group are separated by commas:
|
513
|
.in +4
|
514
|
\fIGROUP\fP := \fIOPTION\fP { ',' OPTION }*
|
515
|
.in
|
516
|
|
517
|
Groups with exactly one member are used for options that can be
|
518
|
independently turned on and off.
|
519
|
|
520
|
Options include a human readable label that will be shown in the
|
521
|
context menu, followed by the name of the CSS file. They also must
|
522
|
include an indicator showing whether the option should initially be
|
523
|
turned on or turned off. Within a group, exactly one option should be
|
524
|
turned on:
|
525
|
.in +4
|
526
|
\fIOPTION\fP := <label> ':' [ '-' | '+' ] <css-file>
|
527
|
.in
|
528
|
|
529
|
The user's selection of options will be persisted in a cookie. This
|
530
|
means, the default settings of options as passed on the command line
|
531
|
only takes effect the very first time the user visits the terminal
|
532
|
emulator in his browser. On all subsequent visits, the user's
|
533
|
preferences take precedence.
|
534
|
.TP
|
535
|
\fB-v\fP\ |\ \fB--verbose\fP
|
536
|
Enables logging of
|
537
|
.IR Apache -style
|
538
|
log file to
|
539
|
.IR stderr .
|
540
|
This option is mutually exclusive with
|
541
|
.B --debug
|
542
|
and
|
543
|
.BR --quiet .
|
544
|
.TP
|
545
|
\fB--version\fP
|
546
|
Prints the version number of the binary and exits.
|
547
|
.SH CONFIGURATION
|
548
|
There are no configuration files or permanent settings for
|
549
|
.BR shell\%ina\%boxd .
|
550
|
|
551
|
A small number of run-time configuration options are available from a
|
552
|
context menu that becomes available when clicking the right mouse
|
553
|
button. These options get persisted in a browser cookie.
|
554
|
|
555
|
Many sites already have a web server running and would like to
|
556
|
integrate
|
557
|
.B shellinaboxd
|
558
|
into their existing site. This is most commonly done by means of a
|
559
|
reverse-proxy entry for the main web server. For
|
560
|
.I Apache
|
561
|
this would require adding an option such as:
|
562
|
.in +4
|
563
|
<Location /shell>
|
564
|
ProxyPass http://localhost:4200/
|
565
|
Order allow,deny
|
566
|
Allow from all
|
567
|
</Location>
|
568
|
.in
|
569
|
|
570
|
If you are using a different web server, refer to that server's
|
571
|
documentation on how to configure reverse proxy operations.
|
572
|
|
573
|
When using a reverse proxy, the
|
574
|
.B --localhost-only
|
575
|
option would normally be enabled as well.
|
576
|
In addition, the
|
577
|
.B --disable-ssl
|
578
|
might also be considered depending on the exact configuration details
|
579
|
of the reverse proxy.
|
580
|
.SH EXAMPLES
|
581
|
.TP \w'shellinaboxd\ 'u
|
582
|
.B shellinaboxd
|
583
|
Attaches a web-enabled login shell to
|
584
|
.IR https://localhost:4200/ .
|
585
|
If the user connected without SSL, the session will automatically be promoted.
|
586
|
Unless SSL certificates can be found in the current directory, the daemon will
|
587
|
automatically generate suitable self-signed certificates. If the command was
|
588
|
invoked by a non-\fBroot\fP user, the daemon uses
|
589
|
.B ssh
|
590
|
instead of
|
591
|
.B /bin/login
|
592
|
for the session.
|
593
|
.TP
|
594
|
.B shellinaboxd -t
|
595
|
Attaches a web-enabled login shell to
|
596
|
.I http://localhost:4200/
|
597
|
with SSL/TLS support disabled.
|
598
|
.TP
|
599
|
.B shellinaboxd -t -f beep.wav:/dev/null
|
600
|
Runs all services with the audible-bell permanently disabled.
|
601
|
.TP
|
602
|
.B shellinaboxd -s /:SSH:example.org
|
603
|
The terminal connects to a
|
604
|
.B ssh
|
605
|
session on
|
606
|
.IR example.org .
|
607
|
.TP
|
608
|
.B shellinaboxd -t -s /:AUTH:HOME:/bin/bash
|
609
|
Interactively request the user's name and password prior to launching
|
610
|
a Bourne shell. This command can be run by unprivileged users. But if
|
611
|
doing so, it only allows this particular user to log in.
|
612
|
.TP
|
613
|
.B shellinaboxd -c certificates -u shellinabox -g shellinabox
|
614
|
If the
|
615
|
.B certificates
|
616
|
directory exists and is writable by the
|
617
|
.B shellinabox
|
618
|
user and group, self-signed SSL certificates will be generated in this
|
619
|
directory. This might require creating an appropriately named user first.
|
620
|
Running this command as
|
621
|
.B root
|
622
|
allows any user on the system to log in at
|
623
|
.BR http://localhost:4200/ .
|
624
|
Sessions will automatically be promoted to SSL/TLS.
|
625
|
.TP
|
626
|
.B shellinaboxd -t -s /:LOGIN -s /who:nobody:nogroup:/:w
|
627
|
In addition to the login shell at
|
628
|
.IR http://localhost:4200 ,
|
629
|
show a list of currently logged in users when accessing
|
630
|
.IR http://localhost:4200/who .
|
631
|
This command must be run as
|
632
|
.B root
|
633
|
in order to be able to change to
|
634
|
.B nobody:nogroup
|
635
|
as requested by the service description.
|
636
|
.TP
|
637
|
.B shellinaboxd -t -s '/:root:root:/:wy60 -c /bin/login'
|
638
|
Instead of the standard
|
639
|
.B ANSI/VT100
|
640
|
terminal, publish a
|
641
|
.B Wyse 60\*(Tm
|
642
|
terminal. Again, this command should be run as
|
643
|
.BR root .
|
644
|
.TP
|
645
|
.B shellinaboxd --css white-on-black.css
|
646
|
Loads the
|
647
|
.B white-on-black.css
|
648
|
style sheet
|
649
|
from the current directory
|
650
|
and appends it to the built-in
|
651
|
.B styles.css
|
652
|
sheet. This causes the terminal to always render white text on a black
|
653
|
background.
|
654
|
.TP
|
655
|
.B shellinaboxd --user-css Normal:+black-on-white.css,Reverse:-white-on-black.css
|
656
|
Allow the user to select whether they want text to be rendered
|
657
|
normally or in reverse video. This command line option adds a new
|
658
|
entry to the right-click context menu.
|
659
|
.P
|
660
|
.SH DIAGNOSTICS
|
661
|
The daemon returns a non-zero exit code in case of failure. With the
|
662
|
exception of a small number of common error cases that are handled
|
663
|
explicitly, most errors result in printing a
|
664
|
.I \(dqCheck failed\(dq
|
665
|
message. This does not typically indicate a bug in the program but is
|
666
|
instead its normal way of reporting errors.
|
667
|
|
668
|
Common failure conditions are reusing a port that is already in use,
|
669
|
lack of sufficient privileges to run a service, failure to find
|
670
|
SSL/TLS certificates, and failure to write newly generated
|
671
|
certificates to the certification directory.
|
672
|
.SH "SEE ALSO"
|
673
|
.BR chmod (1),
|
674
|
.BR last (1),
|
675
|
.BR login (1),
|
676
|
.BR sh (1),
|
677
|
.BR shells (5),
|
678
|
.BR openssl (1SSL),
|
679
|
.BR w (1),
|
680
|
.BR wy60 (1),
|
681
|
.BR xterm (1).
|
682
|
.SH SECURITY
|
683
|
The daemon uses privilege separation techniques to allow it to drop
|
684
|
privileges early. It is aware of setuid flags and restricts some
|
685
|
operations when launched as a setuid application.
|
686
|
|
687
|
Despite these safety features, a bug could conceivably lead to a
|
688
|
determined attacker gaining elevated privileges. It is therefore
|
689
|
strongly discouraged to set the setuid flag on the binary.
|
690
|
|
691
|
The expected deployment would be from a system
|
692
|
.I rc
|
693
|
script launched by
|
694
|
.BR /sbin/init .
|
695
|
For extra security, the
|
696
|
.B --group
|
697
|
and
|
698
|
.B --user
|
699
|
options should be used to change to a dedicated user.
|
700
|
.SH AUTHOR
|
701
|
Copyright (C) 2008-2010 by Markus Gutschke
|
702
|
.RI < "markus@shellinabox.com" >.
|
703
|
.P
|
704
|
This program is free software; you can redistribute it and/or modify
|
705
|
it under the terms of the GNU General Public License version 2 as
|
706
|
published by the Free Software Foundation.
|
707
|
.P
|
708
|
This program is distributed in the hope that it will be useful,
|
709
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
710
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
711
|
GNU General Public License for more details.
|
712
|
.P
|
713
|
You should have received a copy of the GNU General Public License
|
714
|
along with this program; if not, write to the Free Software
|
715
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
|
716
|
USA
|
717
|
.P
|
718
|
In addition to these license terms, the author grants the following
|
719
|
additional rights:
|
720
|
.P
|
721
|
If you modify this program, or any covered work, by linking or
|
722
|
combining it with the OpenSSL project's OpenSSL library (or a
|
723
|
modified version of that library), containing parts covered by the
|
724
|
terms of the OpenSSL or SSLeay licenses, the author
|
725
|
grants you additional permission to convey the resulting work.
|
726
|
Corresponding Source for a non-source form of such a combination
|
727
|
shall include the source code for the parts of OpenSSL used as well
|
728
|
as that of the covered work.
|
729
|
.P
|
730
|
You may at your option choose to remove this additional permission from
|
731
|
the work, or from any part of it.
|
732
|
.P
|
733
|
If you would like to negotiate different licensing terms that are
|
734
|
compatible for integration with other projects, please contact the
|
735
|
author.
|
736
|
.P
|
737
|
If the OpenSSL
|
738
|
system libraries can be found at run-time, they will be invoked by
|
739
|
.B shellinaboxd
|
740
|
to provide SSL/TLS support. The OpenSSL and SSLeay
|
741
|
licenses require the following notices:
|
742
|
.P
|
743
|
This product includes software developed by the OpenSSL Project
|
744
|
for use in the OpenSSL Toolkit. (http://www.openssl.org/)
|
745
|
.P
|
746
|
This product includes cryptographic software written by Eric Young
|
747
|
(eay@cryptsoft.com)
|
748
|
.SH BUGS
|
749
|
Due to browser limitations, some features might not be available to
|
750
|
users of all browers.
|
751
|
.P
|
752
|
Konqueror does not allow for reliable interception of
|
753
|
.I CTRL
|
754
|
keys. If you press a key together with the
|
755
|
.I CTRL
|
756
|
modifier, it continues performing the browser's predefined behavior for
|
757
|
this particular key combination. In most cases, it also fails to report
|
758
|
the correct key to the terminal emulator. As a work-around, pressing
|
759
|
both the
|
760
|
.I CTRL
|
761
|
and the
|
762
|
.I WINDOWS
|
763
|
key sometimes works.
|
764
|
.P
|
765
|
Some browsers, most notably IE on Windows, disallow interception of
|
766
|
.I ALT
|
767
|
keys and always interpret these keys as menu accelerators. As a
|
768
|
work-around, many UNIX applications allow pressing
|
769
|
.IR ESC ,
|
770
|
instead of
|
771
|
.IR ALT .
|
772
|
.P
|
773
|
When using non-US keyboard layouts, some browser do not allow for
|
774
|
reliably determining shifted
|
775
|
.I ALT
|
776
|
keys. Please report these cases if they turn out to be a problem, as
|
777
|
work-arounds might be possible.
|
778
|
.P
|
779
|
Access to the native clipboard is typically not possible. Instead, an
|
780
|
internal clipboard accessible from the right-button context menu is used
|
781
|
for all but IE.
|
782
|
.P
|
783
|
Some browsers restrict the number of concurrent connections to a
|
784
|
server. This restricts how many AJAX terminals can be opened
|
785
|
simultaneously. If this becomes a problem, users can typically
|
786
|
reconfigure their browsers to raise the limit.
|
787
|
.P
|
788
|
There have been reports of the VLC plugin on Linux/x86_64 crashing Firefox
|
789
|
when the browser page gets reloaded. Setting the
|
790
|
.B --no-beep
|
791
|
option eliminates all references to VLC and thus appears to work around
|
792
|
this crash.
|