Shell in a box

From Linuxintro
Revision as of 07:58, 5 August 2012 by imported>ThorstenStaerk

Shell in a Box allows you to control a computer over the network using a Linux console in a web page. This article shows how to set it up with SUSE Linux 12.1. It should work same or similar with every distribution.

  • Download shell in a box from google
wget http://shellinabox.googlecode.com/files/shellinabox-2.11.tar.gz
tar xvzf shellinabox-2.11.tar.gz
yast -i make
cd shellinabox-2.11
./configure && make && make install
  • make sure the firewall is open, here is an example for SUSE Linux:
rcSuSEfirewall2 stop
  • add a user for shell in a box, in this example user
useradd -m user
passwd user
  • call shell in a box
cd /tmp
shellinaboxd &

Make it persistant

You want the shell in a box daemon shellinaboxd to be started when booting your machine, so

  • add the following line to /etc/init.d/boot.local:
shellinaboxd &
  • configure the firewall to always open up port 80 or stop it persistantly:
chkconfig SuSEfirewall2_setup off
chkconfig SuSEfirewall2_init off
  • configure apache to start on boot
chkconfig apache2 on

Co-exist with a web server

You probably want shell in a box to be reachable via port 80 (so you can use it from within a typical corporate network) and you may want to run a web server on the same machine. So here is how you integrate shell in a box into an Apache2 web server

  • install apache2, in this example for SUSE Linux 12.1:
yast -i apache2
  • enable a reverse proxy. To do this, edit /etc/sysconfig/apache2 and add the following words to APACHE_MODULES: proxy proxy_http. In the end your line may read like this:
APACHE_MODULES="actions alias auth_basic proxy proxy_http authn_file authz_host authz_groupfile authz_default authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl userdir php5"
<IfModule mod_proxy.c>
<Location /shell>
    ProxyPass http://127.0.0.1:4200
</Location>
</IfModule>

TroubleShooting

Symptom: ShellInABoxD does not start, it tells the error message:

Cannot read valid certificate from "certificate.pem". Check file permissions and file format.

Reason: See http://code.google.com/p/shellinabox/issues/detail?id=59. ShellInABoxD tries to create a file certificate.pem in the folder where it is started as user nobody:

/tmp # ll certificate.pem 
-rw------- 1 nobody nogroup 2794 Aug  5 07:53 certificate.pem

Solution: Start shellinaboxd in a directory that every user can access, e.g. /tmp:

cd /tmp
shellinaboxd &

See also