Shellinabox is a great tool that allows to open a terminal session (e.g. a shell) on your server through HTTP and/or Apache. It’s particularly useful when you are a network that doesn’t allow outgoing SSH connections, like in a many hotspots or corporate networks.
Unfortunately, shellinabox is as of today in sid (unstable). Here are the steps to install it anyway on squeeze.
Add a sid “deb-src” source to your
/etc/apt/sources.list, for instance:
deb-src http://ftp.uni-bayreuth.de/linux/Debian/debian/ sid main non-free contrib
Then prepare the binary package from the source:
apt-get update apt-get build-dep shellinabox apt-get -b source shellinabox
Finally, you can install it:
dpkg -i shellinabox*.deb
Obviously the same procedure can be used to install other packages from unstable.
If you have an Apache instance running, you can use it as a front-end to shellinabox (e.g. a reverse proxy). The advantages are:
- no need to open a new port in your firewall.
- you can add a layer of security by requiring an HTTP password to access shellinabox. This way, potential security flaws in shellinabox are not directly exploitable.
To do this, add the following lines to your Apache configuration, for instance in
<Location /shellinabox> ProxyPass http://localhost:4200/ Order allow,deny Allow from all AuthUserFile /path/to/.htpasswd AuthName "Authentication for shellinabox" AuthType Basic require user someuser </Location>
Finally enable the proxy module and the site:
sudo a2enmod proxy_http sudo a2ensite shellinabox sudo /etc/init.d/apache2 restart