Hacker News new | past | comments | ask | show | jobs | submit login
Show HN: KeyBox – A multi-terminal web-based SSH console (sshkeybox.com)
19 points by skavanagh on July 26, 2014 | hide | past | web | favorite | 6 comments

Looks really cool and well done, though I'm failing to see the value this adds vs using standard user access controls and a regular old terminal multiplexer like tmux or screen.

You can even get the same usage model very easy by doing what a lot of companies do by throwing up a 'jumpbox' that all users log in to. They then log into whichever server they need from that session. You can do both PAM based, and network based ACL's and it's fairly easy to manage through sudo etc.

The downside is loss of security. Since one's already being MitM'ed, there is no way to ensure the SSH connections aren't compromised.

The proper (security-wise) way to use jumpbox is to ask it to build a tunnel between your local machine and remote host you want to SSH into - then connect over that tunnel. That is, unless you ultimately trust the jumphost or have no interest in security besides the basics necessary to shoo away passive attackers.

Is it possible these days to trap keystrokes like Ctrl+W in browsers? The last time I tried a web browser-hosted SSH client, Ctrl+W (and co) didn't get sent remotely but instead closed the local tab like normal.

Can do!


I've seen some annoying pages that actually intercept ctrl-s or ctrl-p to do some custom saving or printing function, too.

These are handy when you are stuck on a connection that blocks everything but HTTP(S), like many corporate environments.

Many of these web-based ssh tools are based of the excellent term.js[0].

[0]: https://github.com/chjj/term.js

Yup!! It's a great project. Couldn't have translated the ANSI codes without it!

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact