Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
PostPosted: Wed Apr 04, 2007 11:06 pm 
Offline
Senior Member
User avatar

Joined: Tue Aug 17, 2004 11:37 pm
Posts: 262
Website: http://www.our-lan.com
WLM: nf@our-lan.com
Location: Brisbane, Australia
A while ago in irc caker posted a link that was to (if i recal correct) a web based ssh client for connecting to our hosts.. Im wondering if this is still floating arround and working or?

_________________
ServerAdmin - www.our-lan.com
"Diplomacy is the art of saying nice doggy whilst looking for a really big stick"
"In my experiece, any attempt to make any system idiot proof will only challenge God to make a better idiot"


Top
   
 Post subject:
PostPosted: Wed Apr 04, 2007 11:23 pm 
Offline
Linode Staff
User avatar

Joined: Tue Apr 15, 2003 6:24 pm
Posts: 3090
Website: http://www.linode.com/
Location: Galloway, NJ
It's not around any longer. It was just something I was toying with (ajaxterm, btw).

I may bring it back, now that warewolf suggested a method to avoid one problem with it (it flooded apache's access_log with almost every keystroke)...

-Chris


Top
   
 Post subject:
PostPosted: Thu Apr 05, 2007 1:56 am 
Offline
Senior Member
User avatar

Joined: Sun Feb 08, 2004 7:18 pm
Posts: 562
Location: Austin
Is this the kind of thing you're talking about?


Top
   
 Post subject:
PostPosted: Fri Apr 06, 2007 1:52 am 
Offline
Junior Member
User avatar

Joined: Sat Oct 30, 2004 10:23 am
Posts: 24
Website: http://zhaoke.com
WLM: Ask Me!
Location: Islab.org
what's the warewolf's suggested solution? thanks.

caker wrote:
It's not around any longer. It was just something I was toying with (ajaxterm, btw).

I may bring it back, now that warewolf suggested a method to avoid one problem with it (it flooded apache's access_log with almost every keystroke)...

-Chris

_________________
http://zhaoke.com


Top
   
 Post subject:
PostPosted: Fri Apr 06, 2007 11:55 pm 
Offline
Senior Member

Joined: Sat Dec 04, 2004 5:36 pm
Posts: 145
MindTerm (which Xan suggested) rocks. (It's great!)

I've been using it for close to 8-10 years now. Mostly, I use it to access my box when I'm travelling and have only access to a web browser at an internet cafe or hotel.

vt100 emulation appears to be even more improved in version 3 -- I just tried the latest code. It also supports sftp, sshd-X11 forwarding, and a bunch of other neat stuff, too.

Version 3.1.2 is available for download now; more info on configurable options and its features:

http://www.appgate.com/products/80_Mind ... _MindTerm/

All you need is a single .jar file, a single HTML file, a web server, and a web browser. You can also run it as a Java application without a web browser, too, if you've got a local JRE. Handy for lugging around on a thumbdrive, perhaps? Avoids the need to install a ssh application on an untrusted PC.

The free MindTerm distributed is unsigned. That means you can't connect to a ssh server other than the web server that served it. This is good because it avoids abuse by others whom wanted to use my ssh server to hack other sites. Downside is that file transfers are also disabled (also due to the Java security model) if applet is unsigned.

You've got choices, though: you can always self-sign the applet. The developers even provide a link on how to accomplish this! Alternatively, starting with Java 1.6, you can also create a simple file on the local PC that gives it permission to do file operations to/from that web server without needing to sign the applet.

If you want to sign the applet, general instructions can be found here:

http://mindprod.com/jgloss/signedapplets.html


Top
   
 Post subject:
PostPosted: Sat Apr 07, 2007 9:07 pm 
Offline
Senior Member

Joined: Wed Aug 13, 2003 10:24 am
Posts: 55
tronic wrote:
If you want to sign the applet, general instructions can be found here:

http://mindprod.com/jgloss/signedapplets.html


Here are the notes I wrote to myself when I did it:

In order to get full permissions, this applet requires certification with a digital signature. The jar file can be signed using the jarsigner tool in the Java SDK.

Although a key and signing request can be generated using keytool from the Java SDK, it is more convenient to use OpenSSL for key management. That way we can use the same CA to sign everything. This requires using Java SDK 1.4 or higher as the 1.3 tools did not support the PKCS12 format.

Code:
# export pkcs12 key
#  a password must be provided for the store
openssl pkcs12 -export -in /usr/ssl/demoCA/cacert.pem -inkey /usr/ssl/demoCA/private/cakey.pem -out ca.p12 -name "ca"

# sign the jar file
jarsigner -keystore ca.p12 -storetype PKCS12 mindterm.jar ca


The signed jar overwrites the input file, which is moved to mindterm.jar.orig.

Roy


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: mwchase and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group