search

liftoff / GateOne

Gate One is an HTML5-powered terminal emulator and SSH client
http://liftoffsoftware.com/Products/GateOne
Other
6.28k stars 925 forks source link

Document known software requirements #20

Closed Gwindalmir closed 12 years ago

Gwindalmir commented 13 years ago

Sorry if this isn't appropriate, but I wanted to document the known requirements in one place, based on what's been reported so far.

Required: Python >= 2.6 (2.7 recommended) Python needs to be built with SSL support if using OpenSSL Tornado >= 2.1 OpenSSL pyOpenSSL 0.12 NOTE: pyOpenSSL 0.12 work with all versions of OpenSSL pyOpenSSL 0.13 however, requires OpenSSL >= 0.9.8f

Optional: python kerberos dtach 0.8 (not sure if version matters, but 0.8 works) (technically, OpenSSL is optional IIRC, but why?)

Client Requirements: Browser supporting WebSockets: Chrome/Chromium Firefox 6.0.1+

Opera and IE are known NOT working.

Did I miss anything?

liftoff commented 13 years ago

This is a great idea... I'm going to be adding some dependency checking to Gate One soon that will provide more user-friendly error messages instead of just throwing exceptions (or mysteriously opening terminal after terminal endlessly =).

For reference, IE won't work until it supports WebSockets (which is already listed as a requirement in the documentation). Opera can work but not until you turn on WebSockets... I haven't tested it in ages though so there might be issues. If anyone wants to take on adding Opera support feel free!

Gwindalmir commented 13 years ago

Have you considered setting up a wiki?

liftoff commented 13 years ago

I just enabled the wiki and created a Requirements page as a placeholder...

https://github.com/liftoff/GateOne/wiki/Requirements

I'll be working on the code mostly tonight though.

michft commented 13 years ago

Safari 5.06, iCab 4.8 don't work because they don't support indexDB.

No Browser available for PowerPC macs supports indexDB.

liftoff commented 13 years ago

Gate One doesn't use IndexedDB anymore so that shouldn't be a problem.

michft commented 13 years ago

On 21/10/2011, at 11:58 AM, Dan McDougall wrote:

Gate One doesn't use IndexedDB anymore so that shouldn't be a problem.

Reply to this email directly or view it on GitHub: https://github.com/liftoff/GateOne/issues/20#issuecomment-2476608

Thats weird as the current git pull still has indexedDB.open in it.

logging.js:217 TypeError: 'undefined' is not an object (evaluating
'indexedDB.open') logging.js:69 2011-10-21 12:43:48 ERROR No WebSocket support! gateone.js:1702 TypeError: 'null' is not an object (evaluating
'GateOne.Utils.getNode('#'+GateOne.prefs.prefix+'term'+term).title') playback.js:138 TypeError: 'undefined' is not an object (evaluating
'go.terminals[term]['playbackFrames']')

Todays log (after the git pull) /var/log/gateone/webserver.log (after
the "git pull")

[W 111021 12:30:47 gateone:1174] dtach command not found. dtach
support has been disabled. [I 111021 12:30:47 gateone:1204] Listening on https://192.168.1.77:500/ [I 111021 12:30:47 gateone:919] No authentication method configure.
All users will be %anonymous [I 111021 12:30:47 gateone:953] Loaded plugins: bookmarks, help,
logging, playback, ssh [W 111021 12:30:56 iostream:379] Read error on 8: [Errno 1] _ssl.c: 1354: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [E 111021 12:30:56 netutil:217] Error in connection callback Traceback (most recent call last): File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/netutil.py", line 215, in _handle_connection self.handle_stream(stream, address) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/httpserver.py", line 144, in handle_stream self.no_keep_alive, self.xheaders) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/httpserver.py", line 171, in init self.stream.read_until(b("\r\n\r\n"), self._header_callback) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 161, in read_until if self._read_to_buffer() == 0: File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 375, in _read_to_buffer chunk = self._read_from_socket() File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 635, in _read_from_socket chunk = self.socket.read(self.read_chunk_size) File "/usr/lib/python2.7/ssl.py", line 151, in read return self._sslobj.read(len) SSLError: [Errno 1] _ssl.c:1354: error:1407609C:SSL
routines:SSL23_GET_CLIENT_HELLO:http request [W 111021 12:31:00 iostream:379] Read error on 8: [Errno 1] _ssl.c: 1354: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [E 111021 12:31:00 netutil:217] Error in connection callback Traceback (most recent call last): File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/netutil.py", line 215, in _handle_connection self.handle_stream(stream, address) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/httpserver.py", line 144, in handle_stream self.no_keep_alive, self.xheaders) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/httpserver.py", line 171, in init self.stream.read_until(b("\r\n\r\n"), self._header_callback) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 161, in read_until if self._read_to_buffer() == 0: File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 375, in _read_to_buffer chunk = self._read_from_socket() File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 635, in _read_from_socket chunk = self.socket.read(self.read_chunk_size) File "/usr/lib/python2.7/ssl.py", line 151, in read return self._sslobj.read(len) SSLError: [Errno 1] _ssl.c:1354: error:1407609C:SSL
routines:SSL23_GET_CLIENT_HELLO:http request [W 111021 12:31:04 iostream:596] SSL Error on 8: [Errno 1] _ssl.c:503:
error:14094418:SSL routines:SSL3_READBYTES:tlsv1 alert unknown ca [I 111021 12:31:16 web:1359] 302 GET / (192.168.1.22) 56.72ms [I 111021 12:31:16 auth:89] Creating user directory: /usr/local/share/ www/gateone/gateone/users/%anonymous [I 111021 12:31:16 web:1359] 302 GET /auth?next=%2F (192.168.1.22)
354.78ms [I 111021 12:31:17 web:1359] 200 GET / (192.168.1.22) 939.36ms [I 111021 12:31:19 web:1359] 200 GET /static/bookmarks/bookmarks.js
(192.168.1.22) 176.57ms [I 111021 12:31:20 web:1359] 200 GET /static/ssh/ssh.js (192.168.1.22)
47.74ms [I 111021 12:31:20 web:1359] 200 GET /static/gateone.css
(192.168.1.22) 47.34ms [I 111021 12:31:21 web:1359] 200 GET /static/gateone.js (192.168.1.22)
909.47ms [I 111021 12:31:22 web:1359] 200 GET /static/help/help.js
(192.168.1.22) 42.09ms [I 111021 12:31:22 web:1359] 200 GET /static/logging/logging.js
(192.168.1.22) 70.05ms [I 111021 12:31:22 web:1359] 200 GET /static/playback/playback.js
(192.168.1.22) 52.66ms [I 111021 12:31:23 web:1359] 200 GET /style? scheme=black&container=gateone&prefix=go (192.168.1.22) 1108.29ms [I 111021 12:31:24 web:1359] 200 GET /favicon.ico (192.168.1.22)
276.18ms [I 111021 12:31:28 gateone:1224] Caught KeyboardInterrupt. Killing
sessions... [W 111021 12:32:17 gateone:1188] dtach command not found. dtach
support has been disabled. [I 111021 12:32:17 gateone:1218] Listening on https://192.168.1.77:500/ [I 111021 12:32:17 gateone:933] No authentication method configure.
All users will be %anonymous [I 111021 12:32:17 gateone:967] Loaded plugins: bookmarks, help,
logging, playback, ssh [W 111021 12:32:19 iostream:379] Read error on 8: [Errno 1] _ssl.c: 1354: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [E 111021 12:32:19 netutil:217] Error in connection callback Traceback (most recent call last): File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/netutil.py", line 215, in _handle_connection self.handle_stream(stream, address) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/httpserver.py", line 144, in handle_stream self.no_keep_alive, self.xheaders) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/httpserver.py", line 171, in init self.stream.read_until(b("\r\n\r\n"), self._header_callback) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 161, in read_until if self._read_to_buffer() == 0: File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 375, in _read_to_buffer chunk = self._read_from_socket() File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 635, in _read_from_socket chunk = self.socket.read(self.read_chunk_size) File "/usr/lib/python2.7/ssl.py", line 151, in read return self._sslobj.read(len) SSLError: [Errno 1] _ssl.c:1354: error:1407609C:SSL
routines:SSL23_GET_CLIENT_HELLO:http request [W 111021 12:32:46 iostream:379] Read error on 8: [Errno 1] _ssl.c: 1354: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [E 111021 12:32:46 netutil:217] Error in connection callback Traceback (most recent call last): File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/netutil.py", line 215, in _handle_connection self.handle_stream(stream, address) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/httpserver.py", line 144, in handle_stream self.no_keep_alive, self.xheaders) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/httpserver.py", line 171, in init self.stream.read_until(b("\r\n\r\n"), self._header_callback) File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 161, in read_until if self._read_to_buffer() == 0: File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 375, in _read_to_buffer chunk = self._read_from_socket() File "/usr/local/share/www/local/lib/python2.7/site-packages/ tornado/iostream.py", line 635, in _read_from_socket chunk = self.socket.read(self.read_chunk_size) File "/usr/lib/python2.7/ssl.py", line 151, in read return self._sslobj.read(len) SSLError: [Errno 1] _ssl.c:1354: error:1407609C:SSL
routines:SSL23_GET_CLIENTHELLO:http request [I 111021 12:32:57 web:1359] 200 GET / (192.168.1.22) 602.11ms [I 111021 12:32:58 web:1359] 200 GET /static/gateone.js (192.168.1.22)
968.47ms [I 111021 12:32:58 web:1359] 200 GET /static/logging/logging.js
(192.168.1.22) 215.07ms [I 111021 12:32:59 web:1359] 200 GET /static/playback/playback.js
(192.168.1.22) 60.54ms [I 111021 12:32:59 web:1359] 200 GET /static/ssh/ssh.js (192.168.1.22)
43.09ms [I 111021 12:33:00 web:1359] 200 GET /static/bookmarks/bookmarks.js
(192.168.1.22) 131.48ms [I 111021 12:33:00 web:1359] 200 GET /static/gateone.css
(192.168.1.22) 30.54ms [I 111021 12:33:00 web:1359] 200 GET /static/help/help.js
(192.168.1.22) 40.10ms [I 111021 12:33:01 web:1359] 200 GET /style? scheme=black&container=gateone&prefix=go (192.168.1.22) 1112.84ms [I 111021 12:33:10 gateone:1238] Caught KeyboardInterrupt. Killing
sessions... [W 111021 12:34:21 gateone:1188] dtach command not found. dtach
support has been disabled. [I 111021 12:34:21 gateone:1218] Listening on https://192.168.1.77:500/ [I 111021 12:34:21 gateone:933] No authentication method configure.
All users will be %anonymous [I 111021 12:34:21 gateone:967] Loaded plugins: bookmarks, help,
logging, playback, ssh [I 111021 12:34:23 web:1359] 200 GET / (192.168.1.22) 606.88ms [I 111021 12:34:23 web:1359] 304 GET /static/gateone.js (192.168.1.22)
28.30ms [I 111021 12:34:25 web:1359] 304 GET /style? scheme=black&container=gateone&prefix=go (192.168.1.22) 1344.25ms [I 111021 12:34:38 gateone:1238] Caught KeyboardInterrupt. Killing
sessions... [W 111021 12:35:11 gateone:1188] dtach command not found. dtach
support has been disabled. [I 111021 12:35:11 gateone:1218] Listening on https://192.168.1.77:500/ [I 111021 12:35:12 gateone:933] No authentication method configure.
All users will be %anonymous [I 111021 12:35:12 gateone:967] Loaded plugins: bookmarks, help,
logging, playback, ssh [I 111021 12:35:25 web:1359] 200 GET / (192.168.1.22) 565.17ms [I 111021 12:35:25 web:1359] 304 GET /static/gateone.js (192.168.1.22)
38.33ms [I 111021 12:35:28 web:1359] 304 GET /style? scheme=black&container=gateone&prefix=go (192.168.1.22) 2632.43ms [I 111021 12:35:59 gateone:1238] Caught KeyboardInterrupt. Killing
sessions... [W 111021 12:37:46 gateone:1188] dtach command not found. dtach
support has been disabled. [I 111021 12:37:46 gateone:1218] Listening on https://192.168.1.77:500/ [I 111021 12:37:47 gateone:933] No authentication method configure.
All users will be %anonymous [I 111021 12:37:47 gateone:967] Loaded plugins: bookmarks, help,
logging, playback, ssh [I 111021 12:37:51 web:1359] 200 GET / (192.168.1.22) 1583.26ms [I 111021 12:37:51 web:1359] 304 GET /static/gateone.js (192.168.1.22)
26.14ms [I 111021 12:37:53 web:1359] 304 GET /style? scheme=black&container=gateone&prefix=go (192.168.1.22) 1041.20ms [I 111021 12:38:25 gateone:1238] Caught KeyboardInterrupt. Killing
sessions... [W 111021 12:38:52 gateone:1188] dtach command not found. dtach
support has been disabled. [I 111021 12:38:52 gateone:1218] Listening on https://192.168.1.77:500/ [I 111021 12:38:52 gateone:933] No authentication method configure.
All users will be %anonymous [I 111021 12:38:52 gateone:967] Loaded plugins: bookmarks, help,
logging, playback, ssh [I 111021 12:38:54 web:1359] 200 GET / (192.168.1.22) 656.64ms [I 111021 12:38:55 web:1359] 304 GET /static/gateone.js (192.168.1.22)
21.48ms [I 111021 12:38:56 web:1359] 304 GET /style? scheme=black&container=gateone&prefix=go (192.168.1.22) 1075.35ms [I 111021 12:39:20 web:1359] 200 GET / (192.168.1.22) 157.15ms [I 111021 12:39:20 web:1359] 304 GET /static/gateone.css
(192.168.1.22) 28.90ms [I 111021 12:39:21 web:1359] 304 GET /static/help/help.js
(192.168.1.22) 19.44ms [I 111021 12:39:21 web:1359] 304 GET /static/gateone.js (192.168.1.22)
18.81ms [I 111021 12:39:21 web:1359] 304 GET /static/playback/playback.js
(192.168.1.22) 20.41ms [I 111021 12:39:22 web:1359] 304 GET /static/bookmarks/bookmarks.js
(192.168.1.22) 19.55ms [I 111021 12:39:22 web:1359] 304 GET /static/ssh/ssh.js (192.168.1.22)
19.26ms [I 111021 12:39:22 web:1359] 304 GET /static/logging/logging.js
(192.168.1.22) 19.24ms [I 111021 12:39:22 web:1359] 304 GET /style? scheme=black&container=gateone&prefix=go (192.168.1.22) 80.64ms [I 111021 12:41:08 gateone:1238] Caught KeyboardInterrupt. Killing
sessions... [W 111021 12:41:26 gateone:1188] dtach command not found. dtach
support has been disabled. [I 111021 12:41:26 gateone:1218] Listening on https://192.168.1.77:501/ [I 111021 12:41:26 gateone:933] No authentication method configure.
All users will be %anonymous [I 111021 12:41:26 gateone:967] Loaded plugins: bookmarks, help,
logging, playback, ssh [I 111021 12:41:28 web:1359] 200 GET / (192.168.1.22) 597.06ms [I 111021 12:41:28 web:1359] 200 GET /static/bookmarks/bookmarks.js
(192.168.1.22) 262.65ms [I 111021 12:41:29 web:1359] 200 GET /static/logging/logging.js
(192.168.1.22) 69.93ms [I 111021 12:41:30 web:1359] 200 GET /static/playback/playback.js
(192.168.1.22) 47.04ms [I 111021 12:41:30 web:1359] 200 GET /static/help/help.js
(192.168.1.22) 37.17ms [I 111021 12:41:31 web:1359] 200 GET /static/gateone.js (192.168.1.22)
935.96ms [I 111021 12:41:31 web:1359] 200 GET /static/ssh/ssh.js (192.168.1.22)
43.31ms [I 111021 12:41:31 web:1359] 200 GET /static/gateone.css
(192.168.1.22) 29.88ms [I 111021 12:41:32 web:1359] 200 GET /style? scheme=black&container=gateone&prefix=go (192.168.1.22) 1247.65ms [I 111021 12:41:33 web:1359] 200 GET /favicon.ico (192.168.1.22)
342.03ms [I 111021 12:42:53 gateone:1238] Caught KeyboardInterrupt. Killing
sessions...

liftoff commented 13 years ago

Looks like it doesn't like your SSL key/certificate:

error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca

Can you try deleting keyfile.pem and certificate.pem and let Gate One re-generate them?

michft commented 12 years ago

cleaning up my todo's and I tried gateone again.

cd PATH/gateone

git pull

rm -rf /opt/gateone

python setup.py install

and I was getting a different error to the first time I tried gateone.

[E 120311 08:18:27 utils:229] Error generating self-signed SSL key/certificate: An error occurred trying to create private SSL key: ERROR: Timeout running shell command [I 120311 08:18:28 gateone:1823] No authentication method configured. All users will be ANONYMOUS [I 120311 08:18:28 gateone:1897] Loaded plugins: bookmarks, help, logging, loggingplugin, notice, playback, ssh [I 120311 08:18:28 gateone:2384] Listening on https://:501/ [E 120311 08:18:39 ioloop:315] Exception in I/O handler for fd 6 Traceback (most recent call last): File "/usr/local/lib/python2.7/site-packages/tornado/ioloop.py", line 308, in start self._handlers[fd](fd, events) File "/usr/local/lib/python2.7/site-packages/tornado/netutil.py", line 319, in accept_handler callback(connection, address) File "/usr/local/lib/python2.7/site-packages/tornado/netutil.py", line 199, in _handle_connection *_self.ssl_options) File "/usr/lib/python2.7/ssl.py", line 372, in wrap_socket ciphers=ciphers) File "/usr/lib/python2.7/ssl.py", line 132, in init ciphers) SSLError: [Errno 336265218] _ssl.c:351: error:140B0002:SSL routines:SSL_CTX_use_PrivateKey_file:system lib

after a little googling and reading the manual I did a

pip install pam pyOpenSSL kerberos

So kerberos did not install on my debian wheezy system but

apt-get install python-kerberos

worked. This Fixed the problem and I got better looking log outputs.

gateone# python gateone.py [I 120311 23:48:32 gateone:2300] Connections to this server will be allowed from the following origins: 'https://localhost https://192.168.1.77' [W 120311 23:48:33 gateone:2347] Logging is set to DEBUG. Be aware that this will record the keystrokes of all users. Don't be evil! [I 120311 23:48:33 gateone:1823] No authentication method configured. All users will be ANONYMOUS [I 120311 23:48:33 gateone:1897] Loaded plugins: bookmarks, help, logging, loggingplugin, notice, playback, ssh [I 120311 23:48:33 gateone:2376] Listening on https://192.168.1.77:501/ [I 120311 23:48:40 web:1393] 304 GET / (192.168.1.22) 467.35ms [I 120311 23:48:40 web:1393] 304 GET /static/gateone.css (192.168.1.22) 58.38ms [I 120311 23:48:40 web:1393] 304 GET /static/gateone.js (192.168.1.22) 23.64ms [I 120311 23:48:42 web:1393] 304 GET /style?theme=black&container=gateone&prefix=go (192.168.1.22) 1751.50ms [I 120311 23:48:43 web:1393] 304 GET /style?colors=default&container=gateone&prefix=go_ (192.168.1.22) 1498.06ms [I 120311 23:48:44 web:1393] 304 GET /combined_js (192.168.1.22) 142.87ms [I 120311 23:48:44 web:1393] 304 GET /auth?check=True (192.168.1.22) 13.85ms [I 120311 23:48:47 web:1393] 200 GET /static/ubuntumono-normal.woff (192.168.1.22) 2351.68ms

But ctrl-alt-N doesn't get a terminal (this may be a firefox 3.6.27 or safari 5.0.6 problem) and I also not sure from the manual how to add a non-anonymous user and what authentication method in the config are allowed?

liftoff commented 12 years ago

Unfortunately Firefox 3.6, Safari 5.0, and Safari 5.1 only implement the old (insecure) version of the WebSockets protocol. That older version is incompatible with the final version which is what Gate One implements. I don't want to add backwards compatibility since I want Gate One to stay as secure as possible.

There is something to take away from your report though: You're the third person that reported having trouble generating SSL certificates via the fallback method (when pyOpenSSL isn't installed). I believe this is due to the 5-second timeout value (too short). It will be increased in the next commit.

liftoff commented 12 years ago

That didn't take long... I just changed the timeout value to 30 seconds and pushed the commit.

liftoff commented 12 years ago

I'm going to close this issue out since I'm almost positive that the SSL key generation problem has been corrected and it had nothing to do with the originally-reported issue. If you're still having SSL issues please feel free to open another ticket and we'll track it there.