Jump to content

Web-based SSH

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by J.crox (talk | contribs) at 08:24, 26 March 2008 (Created page with 'Web-based SSH makes it possible to access Secure Shell servers through standard web browsers. Respective clients are based on [[JavaScr...'). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)

Web-based SSH makes it possible to access Secure Shell servers through standard web browsers. Respective clients are based on JavaScript/AJAX and can be used to anonymously access SSH servers from behind any firewall or proxy.

Technology

Web-based SSH clients basically consist of the following parts:

  • Client Side: Typically JavaScript and dynamic HTML pages are used to capture key interactions, transmit messages to/from the server and display the results of interaction in the executing web browser.
  • Server Side/Web Application: On the web application server, incoming requests are processed. The information on key interactions is forwarded to a secure shell client communicating with the accessed SSH server. The responding server screen is translated into HTML/JavaScript code and transmitted to the client.

Each keyboard interaction triggers a request which is usually issued by use of AJAX. The response to this request is the information on the server screen as it appears after performing the described key press.

Advantages

The main advantages of web-based SSH can be summarized as follows:

  • Accessibility: Web-based SSH as described in this article requires no local installation of client software. It is thus possible to access SSH servers through any web browser from any public internet terminal. As communication is based on HTTP or HTTPS, it is also possible to access SSH servers from behind any firewall or proxy restricting internet access to port 80 or 443.
  • Anonymous access: As SSH access is tunnelled through the server-side web application, it is the web application server which actually communicates with the SSH server. Therefore, the SSH server gets only the IP address of the web application server whereas the IP of the actual client is hidden.

Important Issues

The following issues have to be considered and are important when using a web-based SSH client:

  • Security: It is important to make sure that HTTPS is used for communicating with the web application server. Otherwise all data being sent would be readable by use of simple packet sniffers, which could reveal sensitive information.
  • Trust: The data being sent to the web application server is decrypted there. This is necessary in order to forward the issued commands to the actual SSH server. Even though the operators of web based SSH solutions usually don’t log sensitive data[1][2]

, you have to be aware of the fact that your data is theoretically available to them in plain form.

References

  1. ^ serFISH.com. "consoleFISH: Terms & Conditions". serFISH.com. Retrieved 2008-03-26.
  2. ^ gotoSSH.com. "gotoSSH.com Security". gotoSSH.com. Retrieved 2008-03-26.

Software for installation on own servers:

Services who offer access to any SSH server: