

Show HN: KeyBox – A multi-terminal web-based SSH console - skavanagh
http://sshkeybox.com

======
sikhnerd
Looks really cool and well done, though I'm failing to see the value this adds
vs using standard user access controls and a regular old terminal multiplexer
like tmux or screen.

You can even get the same usage model very easy by doing what a lot of
companies do by throwing up a 'jumpbox' that all users log in to. They then
log into whichever server they need from that session. You can do both PAM
based, and network based ACL's and it's fairly easy to manage through sudo
etc.

~~~
drdaeman
The downside is loss of security. Since one's already being MitM'ed, there is
no way to ensure the SSH connections aren't compromised.

The proper (security-wise) way to use jumpbox is to ask it to build a tunnel
between your local machine and remote host you want to SSH into - then connect
over that tunnel. That is, unless you ultimately trust the jumphost or have no
interest in security besides the basics necessary to shoo away passive
attackers.

------
ctz
Is it possible these days to trap keystrokes like Ctrl+W in browsers? The last
time I tried a web browser-hosted SSH client, Ctrl+W (and co) didn't get sent
remotely but instead closed the local tab like normal.

~~~
sdrothrock
Can do!

[https://github.com/jeresig/jquery.hotkeys](https://github.com/jeresig/jquery.hotkeys)

I've seen some annoying pages that actually intercept ctrl-s or ctrl-p to do
some custom saving or printing function, too.

------
aus_
These are handy when you are stuck on a connection that blocks everything but
HTTP(S), like many corporate environments.

Many of these web-based ssh tools are based of the excellent term.js[0].

[0]: [https://github.com/chjj/term.js](https://github.com/chjj/term.js)

~~~
skavanagh
Yup!! It's a great project. Couldn't have translated the ANSI codes without
it!

