currently only implements SSH Inception

To change access credentials for SSH, go to line 770 in main.js and alter them. Designed to be 'idiot proof' right now and hide the cushy web interface for students. It's only built for one user now though (me)

Chef recipie for EDURange deployment is located in eduBook.rb. Installs everything that EDUBook needs to run on a ubuntu VPC, and starts the service! The shell part works fine on VPS boxes, I haven't tested the ruby wrapper yet.

A simple web application to be used as an ssh client to connect to your ssh servers. It is written in Python, base on tornado, paramiko and xterm.js.

• SSH password authentication supported, including empty password.
• SSH public-key authentication supported, including DSA RSA ECDSA Ed25519 keys.
• Encrypted keys supported.
• Two-Factor Authentication(time-based one-time password) supported.
• Fullscreen terminal supported.
• Terminal window resizable.
• Auto detect the ssh server's default encoding.
• Modern browsers including Chrome, Firefox, Safari, Edge, Opera supported.

+---------+     http     +--------+    ssh    +-----------+
| browser | <==========> | webssh | <=======> | ssh server|
+---------+   websocket  +--------+    ssh    +-----------+

• Python 2.7/3.4+

// connect to your ssh server
wssh.connect(hostname, port, username, password, privatekey, passphrase, totp);

// pass an object to wssh.connect
var opts = {
  hostname: 'hostname',
  port: 'port',
  username: 'username',
  password: 'password',
  privatekey: 'the private key text',
  passphrase: 'passphrase',
  totp: 'totp'
};
wssh.connect(opts);

// without an argument, wssh will use the form data to connect
wssh.connect();

// set a new encoding for client to use
wssh.set_encoding(encoding);

// reset encoding to use the default one
wssh.reset_encoding();

// send a command to the server
wssh.send('ls -l');

Custom font family usage example:

<style>
  @font-face {
    font-family: 'font-name';
    src: url('static/css/fonts/your-favorite-font');
  }

  body {
    font-family: 'font-name';
  }
</style>

Support passing arguments by url (query or fragment) like following examples:

Passing form data

http://localhost:8888/?hostname=xx&username=yy

Passing a terminal background color

http://localhost:8888/#bgcolor=green

Passing a user defined title

http://localhost:8888/?title=my-ssh-server

Passing an encoding

http://localhost:8888/#encoding=gbk

Start up the app

docker-compose up

Tear down the app

docker-compose down

Use unittest to run all tests

python -m unittest discover tests

Use pytest to run all tests

python -m pytest tests

Running behind an Nginx server

wssh --address='127.0.0.1' --port=8888 --policy=reject

# Nginx config example
location / {
    proxy_pass http://127.0.0.1:8888;
    proxy_http_version 1.1;
    proxy_read_timeout 300;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Real-PORT $remote_port;
}

Running as a standalone server

wssh --port=8080 --sslport=4433 --certfile='cert.crt' --keyfile='cert.key' --xheaders=False --policy=reject

• For whatever deployment choice you choose, don't forget to enable SSL.
• By default plain http requests from a public network will be either redirected or blocked and being redirected takes precedence over being blocked.
• Try to use reject policy as the missing host key policy along with your verified known_hosts, this will prevent man-in-the-middle attacks. The idea is that it checks the system host keys file("~/.ssh/known_hosts") and the application host keys file("./known_hosts") in order, if the ssh server's hostname is not found or the key is not matched, the connection will be aborted.