IPvSean
commented
6 years ago @tima can you assign to me? I need to do this for the networking workshop anyway
Open petebowden opened 6 years ago
IPvSean
commented
6 years ago @tima can you assign to me? I need to do this for the networking workshop anyway
tima
commented
6 years ago Thanks for the offer. I would like to discuss this one before trying to implement something here.
rubbsdecvik
commented
6 years ago Might I suggest cockpit?
petebowden
commented
6 years ago @rubbsdecvik That's not a bad idea. Might be more work than integrating shellinabox....
I'd like to note that @lwhitty used shellinabox at a site that blocked 22/SSH, with limited success. Users were initially able to access the terminal but some additional security software eventually blocked the site completely (our guess is a layer 7 security tool that was looking for the shellinabox code). I want to call it a success since, at least initially the users were able to use shellinabox to work on the lab.
tima
commented
6 years ago Sorry just happening upon these comments now.
@petebowden: This is why I want to step carefully on saying we support such closed network scenarios with our provisioner. My suggestion to anyone attempting to do a workshop off of this lightbulb material is that they do their homework and check and then double check they will be able to access the lab (thru port 22 or wetty or shellinabox or whatever) and the self-signed certificate problem. Another "safer" option is to go off-site where you have a network that isn't as closed.
@rubbsdecvik: cockpit has too many unnecessary features for what is needed and seems too heavyweight. It also has too many overlapping with Tower. We avoid mixing those streams because it causes too much customer confusion.
We should add the ability to deploy a shellinabox [1] server or set of servers so users that have SSH/22 blocked on their laptops can still run the workshop.
[1] https://github.com/shellinabox/shellinabox