- Project page – http://code.google.com/p/shellinabox/
- Shell In A Box implements a web server that can export arbitrary command line tools to a web based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser and does not require any additional browser plugins.
- http://www.freshports.org/www/shellinabox/
- Shell In A Box is a web server that can export arbitary command line tools to a
web based terminal emulator - “Shell In A Box Gives Your Browser Terminal Status” by Ken Hess (2010.09.19) – http://www.linux-mag.com/id/7864/
- Shell In A Box gives you simple web-based terminal access to your Linux system.
- https://help.ubuntu.com/community/shellinabox
- “How to install Shell In a Box” – http://www.acmesystems.it/shellinabox
- “shellinabox With Apache Authentication Over HTTPS 443” (scottlinux.com; 2010.12.15) – http://scottlinux.com/2010/12/15/shellinabox-with-apache-authentication-over-https-443/
- “Shellinabox” by BobJunior – http://bobjunior.com/linux/shellinabox/
- http://freecode.com/projects/shellinabox
- Shell In A Box implements a Web server that can export arbitrary command line tools to a Web-based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled Web browser, and does not require any additional browser plugins. Most typically, login shells would be exported this way: “shellinaboxd -s /:LOGIN”. This starts a Web server at http://localhost:4200 that allows users to log in with their username and password and to get access to their login shell. The connection will be encrypted if SSL/TLS certificates are available.
- “Installing Shell In A Box – Ubuntu Server 11.04” (YouTube video) – http://www.youtube.com/watch?v=d4sgJY7-_r0
2012.05.05
Shell-In-A-Box
2012.04.27
2010.12.16
SSH, OpenSSH
- “Top 20 OpenSSH Server Best Security Practices” at UnixCraft – http://www.cyberciti.biz/tips/linux-unix-bsd-openssh-server-best-practices.html
- “How do I permit specific users SSH access?” (SoftLayer) – http://knowledgelayer.softlayer.com/questions/295/How+do+I+permit+specific+users+SSH+access%3F
- “Six things I wish Mom told me (about ssh)” – http://blog.ksplice.com/2010/08/six-things-i-wish-mom-told-me-about-ssh/
- “ProxyCommand – SSH Key on Proxing Machine” (comp.security.ssh; 2009) – http://groups.google.com/group/comp.security.ssh/browse_thread/thread/1e5ae560420b9d12
- “Quick HOWTO: Ch17 : Secure Remote Logins and File Copying” (LHN) – http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch17_:_Secure_Remote_Logins_and_File_Copying
- “Securing your ssh server” (Racker Hacker blog) – http://rackerhacker.com/2010/10/12/securing-your-ssh-server/
- “How to connect to a non standard SSH port in the Mac terminal” – http://chimac.net/2011/01/08/how-to-connect-to-a-non-standard-ssh-port-in-the-mac-terminal/
- ssh -p 12345 remoteUsername@address.of.remote.system
- “Best Practices to secure a OPENSSH/SSH Server” – http://teknoteknik.wordpress.com/2010/07/06/best-practices-to-secure-a-opensshssh-server/
- “Quick and dirty manual compile of OpenSSH on CentOS 5” (#!/bin/blog; 2008.04.06) – http://binblog.info/2008/04/06/quick-and-dirty-manual-compile-of-openssh-on-centos-5/
- “Using the SSH agent from daemon processes” (#!/bin/blog; 2008.12.31) – http://binblog.info/2008/12/31/using-the-ssh-agent-from-daemon-processes/
- “OpenSSH: Going flexible with forced commands” (#!/bin/blog; 2008.10.20) – http://binblog.info/2008/10/20/openssh-going-flexible-with-forced-commands/
- Secure Copy (SCP) (WikiPedia) – http://en.wikipedia.org/wiki/Secure_copy
- SSH tricks at SuperUser – http://superuser.com/questions/tagged/telnet+ssh
- related:
- Telnet tricks at SuperUser: Telnet tricks – http://superuser.com/questions/tagged/telnet | PuTTY tricks – http://superuser.com/questions/tagged/putty | Tunnels – http://superuser.com/questions/tagged/putty+tunnel
SSHFS (SSH FileSystem)
- “SSH Filesystem” – http://fuse.sourceforge.net/sshfs.html
- http://en.wikipedia.org/wiki/SSHFS
- https://help.ubuntu.com/community/SSHFS
- SHSFS FAQ – http://sourceforge.net/apps/mediawiki/fuse/index.php?title=SshfsFaq
Related:
- FISH (Files transferred over shell) protocol (WikiPedia) – http://en.wikipedia.org/wiki/Files_transferred_over_shell_protocol
- FTPFS – http://en.wikipedia.org/wiki/FTPFS
- WebDrive – http://en.wikipedia.org/wiki/WebDrive | http://www.webdrive.com/products/webdrive/
- FTPDrive – http://en.wikipedia.org/wiki/FTPDrive | http://www.killprog.com/fdrve.html
Authentication via public keys
- ‘OpenSSH key management” by Daniel Robbins (IBM):
- OpenSSH key management, Part 1 (2001.07.01) – http://www.ibm.com/developerworks/library/l-keyc.html
- OpenSSH key management, Part 2 (2001.09.01) – http://www.ibm.com/developerworks/library/l-keyc2/
- OpenSSH key management, Part 3 (2002.02.01) – http://www.ibm.com/developerworks/library/l-keyc3/
- “SSH with authentication key instead of password” – http://www.debian-administration.org/articles/530
- “Public key authentication with ssh” – http://www.linuxquestions.org/linux/answers/Networking/Public_key_authentication_with_ssh
- OpenSSH Public Key Authentication – http://web.archive.org/web/20070418231823/http://sial.org/howto/openssh/publickey-auth/
- “SSH Public Key (/w RSA) Authentication and SSH Tunneling – Part 1” (ipsure; 2010.02.03) – http://www.ipsure.com/blog/2010/ssh-public-key-w-rsa-authentication-and-ssh-tunneling-part-1/
SFTP
- “Chrooted SFTP with Public Key Authentication” (IPSURE; 2010.12.10) – http://www.ipsure.com/blog/2010/chrooted-sftp-with-public-key-authentication/
- How to mount SFTP accesses – http://wiki.gilug.org/index.php/How_to_mount_SFTP_accesses
- “OpenSSH chrooted SFTP (e.g. for Webhosting)” (#!/bin/blog; 2008.04.06) – http://binblog.info/2008/04/06/openssh-chrooted-sftp-eg-for-webhosting/
FTPS vs SFTP
- “FTPS vs. SFTP: What to Choose” by Eugene Mayevski (CodeGuru; 2007.10.11) – http://www.codeguru.com/csharp/.net/net_general/internet/article.php/c14329
- “FTPS vs. SFTP, once and for all” (#!/bin/blog; 2010.10.12) – http://binblog.info/2010/10/12/ftps-vs-sftp-once-and-for-all/
- FTPS (WikiPedia) – http://en.wikipedia.org/wiki/FTPS
- SSH File Transfer Protocol (Wikipedia) – http://en.wikipedia.org/wiki/SSH_file_transfer_protocol
- “Setup groups and users in FileZilla Server and connect with ftpes” (Banbika’s Blog; 2010.08.28) – http://banbika.wordpress.com/2010/08/28/setup-groups-and-users-in-filezilla-server-and-connect-with-ftpes/
- “Install and Configure FTP Secure (FTPS) or FTP-SSL using FileZilla” (Banbika’s Blog; 2010.08.24) – http://banbika.wordpress.com/2010/08/24/install-and-configure-ftp-secure-ftps-or-ftp-ssl-using-filezilla/
Using SCP
- Example syntax for Secure Copy (scp) – http://www.hypexr.org/linux_scp_help.php
- Copy the file “foobar.txt” from a remote host to the local host: $ scp your_username@remotehost.edu:foobar.txt /some/local/directory
- Copy the file “foobar.txt” from the local host to a remote host: $ scp foobar.txt your_username@remotehost.edu:/some/remote/directory
- Copy the directory “foo” from the local host to a remote host’s directory “bar”: $ scp -r foo your_username@remotehost.edu:/some/remote/directory/bar
- Copy the file “foobar.txt” from remote host “rh1.edu” to remote host “rh2.edu”: $ scp your_username@rh1.edu:/some/remote/directory/foobar.txt \
your_username@rh2.edu:/some/remote/directory/ - Copying the files “foo.txt” and “bar.txt” from the local host to your home directory on the remote host: $ scp foo.txt bar.txt your_username@remotehost.edu:~
- Copy multiple files from the remote host to your current directory on the local host: $ scp your_username@remotehost.edu:/some/remote/directory/\{a,b,c\}. Also:: $ scp your_username@remotehost.edu:~/\{foo.txt,bar.txt\} .
Use of Expect with SSH suite applications
Password-less SFTP
Establish the SFTP connection to the system AAAA where the user account BBBB has password CCCC, and go to the directory DDDD, all without being prompted to enter the password:
sftpToAAAA.expect |
#!/bin/expect # sftpToAAAA.expect spawn sftp BBBB@AAAA expect "password" { sleep 1 send "CCCC\n" } send "cd DDDD\n" interact |
All normal warning on the danger of hard-wiring the password into scripts are in place here.
Password-less SCP
Use the SCP to upload connect system AAAA with user account BBBB (that has password CCCC), and upload the file EEEE to the directory DDDD, all without being prompted to enter the password:
UploadEEEEtoAAAA.expect |
#!/bin/expect spawn scp EEEE BBBB@AAAA:DDDD/EEEE expect "password" { send "CCCC\n" } |
More
- Expect and SSH – http://rootprompt.org/article.php3?article=9187
- expect and ssh – http://www.unix.com/unix-advanced-expert-users/50467-expect-ssh.html
- Expect and SSH in Cygwin – http://forums.devshed.com/unix-help-35/expect-and-ssh-in-cygwin-176556.html
2010.04.20
Unix hardening
General
- “20 Linux Server Hardening Security Tips” at UnixCraft – http://www.cyberciti.biz/tips/linux-security.html
- “Linux Security Basics” by Michael Dougherty (2010.07.05) – http://www.brighthub.com/computing/linux/articles/76572.aspx
Passwords
- “Info: Enforcing a Strict Password Rule” by “kopeah” (OverClock.net; 2005.07.11) – http://www.overclock.net/faqs/33217-info-enforcing-strict-password-rule.html
- “7 Examples to Manage Linux Password Expiration and Aging Using chage” by Dhineshkumar Manikannan (2009.04.23) – http://www.thegeekstuff.com/2009/04/chage-linux-password-expiration-and-aging/
Logging and auditing
- “Quick HOWTO : Ch17 : Secure Remote Logins and File Copying” (LHN) – http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch17_:_Secure_Remote_Logins_and_File_Copying
Related:
- SSH, OpenSSH – https://eikonal.wordpress.com/2010/12/16/ssh-openssh/