Web-based SSH
Web-based SSH makes it possible to access Secure Shell servers through standard web browsers. Respective clients are based on JavaScript/AJAX and can be used to anonymously access SSH servers from behind any firewall or proxy.
Technology
Web-based SSH clients basically consist of the following parts:
- Client Side: Typically JavaScript and dynamic HTML pages are used to capture key interactions, transmit messages to/from the server and display the results of interaction in the executing web browser.
- Server Side/Web Application: On the web application server, incoming requests are processed. The information on key interactions is forwarded to a secure shell client communicating with the accessed SSH server. The responding server screen is translated into HTML/JavaScript code and transmitted to the client.
Each keyboard interaction triggers a request which is usually issued by use of AJAX. The response to this request is the information on the server screen as it appears after performing the described key press.
Advantages
The main advantages of web-based SSH can be summarized as follows:
- Accessibility: Web-based SSH as described in this article requires no local installation of client software. It is thus possible to access SSH servers through any web browser from any public internet terminal. As communication is based on HTTP or HTTPS, it is also possible to access SSH servers from behind any firewall or proxy restricting internet access to port 80 or 443.
- Anonymous access: As SSH access is tunnelled through the server-side web application, it is the web application server which actually communicates with the SSH server. Therefore, the SSH server gets only the IP address of the web application server whereas the IP of the actual client is hidden.
Important Issues
The following issues have to be considered and are important when using a web-based SSH client:
- Security: It is important to make sure that HTTPS is used for communicating with the web application server. Otherwise all data being sent would be readable by use of simple packet sniffers, which could reveal sensitive information.
- Trust: The data being sent to the web application server is decrypted there. This is necessary in order to forward the issued commands to the actual SSH server. Even though the operators of web based SSH solutions usually don’t log sensitive data[1][2]
, you have to be aware of the fact that your data is theoretically available to them in plain form.
References
- ^ serFISH.com. "consoleFISH: Terms & Conditions". serFISH.com. Retrieved 2008-03-26.
- ^ gotoSSH.com. "gotoSSH.com Security". gotoSSH.com. Retrieved 2008-03-26.
External Links
Software for installation on own servers:
Services who offer access to any SSH server:
- consoleFISH - Free access to SSH servers
- gotoSSH - Based on a monthly fee, free trial available
- my.anyterm.org - Based on a yearly fee