Re: SSH from web
On Thu, Apr 22, 2004 at 03:31:41PM +1000, Paul Foote wrote:
> I was put in an rough position today, I wont go into tiny details but
> basicly I had to use a web browser if I wanted to use my email, and
> there was no way I was allowed out of that. As far as I know the machine
> I was on wasnt blocking everything bar port 80, just the one track minded
> idiots I
> was dealing with would only let me do my business in a web browser.
> Basicly: what do you guys do in the same situation, what stuff do you
> guys have on your boxes that you mutt from to log in via a web browser?
>
> Basicly I want people to reccomend java or activex or whatever ssh
> clients so that I can type in a URL in an internet connected machine and
> type in my username and password and go bang, theres mutt and everything
> else residing in my screen session.
Amusingly enough, I had to deal with the same problem when I came to work
at my current job. I actually could install anything on my desktop (the
pleasure of being in IT), but had to go through an authenticating proxy and
only had access to port 80. No problem, I thought! I have a web-based SSH
client.
Unfortunately, 'ssh client' requires you (ideally) to have outbound port 22
access and, definitely, to be able to actually establish a socket
connection. For us, I couldn't have outbound port 22. So I figured hey,
no problem! I've got spare external IPs, I'll run ssh on port 80 on another
IP.
Problem is that the proxy doesn't do stateful connections -- just the
standard HTTP transaction support, so SSH didn't work. Period.
On the other hand, if you're just dealing with a situation where all you've
got is a web browser but outbound connectivity is open, I direct your
attention to mindterm -- a java web-based SSH client.
You can check out how it works (and, well, actually use it -- though I
don't think I need to tell you the advisability of running other people's
code to connect to your system) by going to
http://www.inorganic.org/~rsr/ssh
It works pretty well.
-roy