search

bredzhang / shellinabox

Automatically exported from code.google.com/p/shellinabox
0 stars 0 forks source link

Feature to bind shellinaboxd to specific address #33

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
Thanks for creating shell in a box.  I installed it a few months ago for a
trip out of the country, and it worked - mostly.

It's not it's fault though!  Many of the internet cafe's where I brought my
laptop seem to have firewalled all ports except 80 and 443 (grrr - at some
point everything will just have to use 443 due to these sort of
restrictions).  Anyhow, to fix this for next time, I added a new internet
visible IP address to my machine, and now I'd like to have the shellinabox
use the NEW-IP port 443.  I can specify the port but not the listen
address.  (It has to be a different address from the apache server of
course, because the ports need to be the same.)

I think the change needed is to add a new command line option to specify
what becomes serverAddr.sin_addr_saddr in server.c.  Then I assume it'll
also get passed with a new X-ShellInABox-Addr output, but I'm not sure what
then needs to change to get the information into the client.

Would you be interested in adding this, or taking a patch back for it?

Thanks.

Original issue reported on code.google.com by wsny...@wsnyder.org on 17 Nov 2009 at 4:07

GoogleCodeExporter commented 8 years ago 
Yes, in principle this would probably be a change that I could make.

But for your specific example that is not really particularly necessary. If you 
already run a web server on your main IP address, the normal thing that most 
people do 
is to configure the existing web server to act as a reverse proxy for 
ShellInABox.

In that case, you would pick any locally available port, and you would run 
ShellInABox 
with the --localhost-only command line option.

Original comment by zod...@gmail.com on 18 Nov 2009 at 5:13

GoogleCodeExporter commented 8 years ago 
>the normal thing that most people do is to configure the existing web server 
to act
as a reverse proxy for ShellInABox.

I'm fine with that, and it would also allow additional applications to share 
the same IP.

Do you have an example?  If not, how do I indicate the URL to use (instead of 
the
port) to your javascript?  With --service?

Thanks.

Original comment by wsny...@wsnyder.org on 18 Nov 2009 at 6:20

GoogleCodeExporter commented 8 years ago 
For Apache2, enable proxy and http_proxy. Add the following to your site's 
configuration:

        <Location /shell>
                ProxyPass       http://localhost:4200/
                Order           allow,deny
                Allow           from all
        </Location>

Then edit /etc/default/shellinabox and add this line:

        SHELLINABOX_ARGS="${SHELLINABOXARGS} --localhost-only --disable-ssl"

You can now access ShellInABox from http://YourServerName/shell

If you rather use SSL encryption (as you probably should), then make sure you 
configure Apache to recognize "/shell" for both encrypted and unencrypted 
sessions. 
Then remove the "--disable-ssl" option from the ShellInABox command line.

Original comment by zod...@gmail.com on 18 Nov 2009 at 8:12

GoogleCodeExporter commented 8 years ago 
Thanks, that works!  I'd suggest adding these few lines in the manpage, with a 
note
about getting around firewalls, as if I had seen it when I first installed it I 
would
have just done it that way in the first place.

Original comment by wsny...@wsnyder.org on 19 Nov 2009 at 2:40