Shell in a box

From LinuxIntro
(Redirected from ShellinAbox)
Jump to: navigation, search

Shell in a Box allows you to control a computer over the network using a Linux console in a web page.

Contents

Install it

Get it

  • Download shell in a box from google
 wget http://shellinabox.googlecode.com/files/shellinabox-2.14.tar.gz
 tar xvzf shellinabox-2.14.tar.gz
 cd shellinabox-2.14
 ./configure && make && make install
  • make sure the firewall is open, here is an example for SUSE Linux:
 rcSuSEfirewall2 stop
  • you are not allowed to log in as root, so make sure you have at least one ordinary user. Add a user name user like this:
 useradd -m user
 passwd user
  • call shell in a box
 cd /tmp
 shellinaboxd &

Make it persistent

You want the shell in a box daemon shellinaboxd to be started when booting your machine, so

for SUSE Linux

  • add the following line to /etc/init.d/boot.local:
 shellinaboxd &
  • configure the firewall to always open up port 80 or stop it persistantly:
 chkconfig SuSEfirewall2_setup off
 chkconfig SuSEfirewall2_init off
  • configure apache to start on boot
 chkconfig apache2 on

for Ubuntu

To start the shellinabox daemon after reboot add the following line to /etc/crontab:

 @reboot root /usr/local/bin/shellinaboxd &

This will start the daemon only on reboot as a background job.

Use in a web server

You probably want shell in a box to be reachable via port 80 (so you can use it from within a typical corporate network) and you may want to run a web server on the same machine. So here is how you integrate shell in a box into an Apache2 web server

for SUSE Linux

  • install apache2, in this example for SUSE Linux 12.1:
 yast -i apache2
  • enable a reverse proxy. To do this, edit /etc/sysconfig/apache2 and add the following words to APACHE_MODULES: proxy proxy_http. In the end your line may read like this:
 APACHE_MODULES="actions alias auth_basic proxy proxy_http authn_file authz_host authz_groupfile authz_default authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl userdir php5"
 <IfModule mod_proxy.c>
 <Location /shell>
     ProxyPass http://127.0.0.1:4200
 </Location>
 </IfModule>

for Ubuntu

  • install apache2
 apt-get install apache2
  • enable apache's proxy module:
 a2enmod proxy
  • do
 ln -s /etc/apache2/mods-available/proxy_http.load /etc/apache2/mods-enabled/proxy_http.load
 <Location /shell>
     ProxyPass http://127.0.0.1:4200
     Allow from 127.0.0.1
 </Location>
  • restart apache
 /etc/init.d/apache2 restart
  • test if the module has indeed been loaded:
 # apache2ctl -t -D DUMP_MODULES 2>&1 | grep proxy_http
  proxy_http_module (shared)

TroubleShooting

cannot read valid certificate

Symptom: ShellInABoxD does not start, it tells the error message:

 Cannot read valid certificate from "certificate.pem". Check file permissions and file format.

Reason: See http://code.google.com/p/shellinabox/issues/detail?id=59. ShellInABoxD tries to create a file certificate.pem in the folder where it is started as user nobody:

 /tmp # ll certificate.pem 
 -rw------- 1 nobody nogroup 2794 Aug  5 07:53 certificate.pem

Solution: Start shellinaboxd in a directory that every user can access, e.g. /tmp:

 cd /tmp
 shellinaboxd &

forkpty() failed

Symptom
When you surf to the shellinabox page you see an error message
 forkpty() failed
Solution
Kill all shellinaboxd processes and start them with root privileges:
 killall shellinaboxd
 shellinaboxd --user=0 & disown

minus sign

Symptom
The minus sign does not work if you type it on the keypad.
Solution
I could fix this by using Safari instead of FireFox

See also