Shellinabox is a defunct software, that has just been forked, and the development is now running -> https://github.com/shellinabox/shellinabox
Thanks to https://github.com/KLuka and all unknown heroes.
I took my source from Epel, think before to enable the repository.
Add EPEL repo:
yum localinstall http://ftp.heanet.ie/pub/fedora/epel/6/i386/epel-release-6-8.noarch.rpm
eorepo centos-base centos-updates nethserver-base nethserver-updates
then you can install nethserver-shellinabox
yum install http://mirror.de-labrusse.fr/nethserver/nethserver-shellinabox/nethserver-shellinabox-0.0.8-1.el6.noarch.rpm --enablerepo=epel
A panel is available in the security category for managing shellinabox, if you want to allow users, go to the user panel and check the relevant box
see the database
# config show shellinaboxd shellinaboxd=service FixedIP= # IP1,IP2,IP3 Name=shell # http://IP/shell (can be changed) PublicAccess=private # web access (private or public or IP) ShellUsers= # user1,user2,user3 (admin user is written in the rock of template) TCPPort=1870 # deamon port (can be changed) WebAuth=disabled # disabled or enabled (allow an apache authentication) access=none # only used by the deamon, don't change it status=enabled # enabled or disabled
when you modify something, do
config setprop shellinaboxd PublicAccess IP FixedIP 192.168.156.12,192.168.156.14 ShellUsers toto,titi,tutu signal-event nethserver-shellinabox-save
I use an apache reverse proxy, therefore apache is here to allow users.
if PublicAccess=private then you have no apache authentication, juts the ssh login but you can specify it with WebAuth=enabled (private would mean that it can be used only on the local network)
If you set to PublicAccess=public (whole internet) then you need to use the user admin, or any specified users at ‘ShellUsers’ (comma separated list)
If you are paranoid you can specify a list of allowed IP to use shellinabox, the apache authentication is a mandatory here.
PublicAccess=IP FixedIP=IP1,IP2,IP3 #(comma separated list)
You can access shellinabox pointing your browser to:
A valid NFR could be to display shellinabox directly in the server-manager but yet I don’t know how to do it, if you have clues, that would be good.
The good user experience depends of your browser, chromium, unfortunately, is known to be good, Firefox has one issue, the middle click paste function is prohibited for security reason. I raised a bug report, but the patch is not yet implemented in epel.