Shell In A Box is a web based terminal for Linux based machines, pretty much SSH in a web browser. It was created by Markus Gutschke a few years ago.
If you’re looking for a way to SSH into one of your server from behind a firewall, say from where you work or school this program will also let you accomplish that too.
Since we’ll be entering our server passwords into the shellinabox terminal when it is installed, we’ll be also installing a free SSL Let’s Encrypt certificate to make sure your install is nice and secure to use!
Shellinabox should be included in the default repositories so we shouldn’t need to add them add if you’re using Ubuntu, Debian or even Linux Mint.
So for Ubuntu based Distributions run the command
sudo apt-get update sudo apt-get install openssl shellinabox
If you’re using Debian minimal you’ll want to also install sudo if you haven’t by default.
sudo apt-get install sudo
We’ll be installing Apache for a few reasons. Since Shellinabox requires SSL we can use an Apache reverse proxy so that we can use a Let’s Encrypt certificate to get the SSL certificate for free. We’ll also be using it to proxy the non standard port that Shellinabox uses (that is blocked in most business firewalls) to the standard HTTPS port which is 443.
So to install Apache on Ubuntu or Debian based distributions use the command (If you already have Apache installed you can skip this step and go to the next command)
sudo apt-get install apache2
Then we’ll need to enable the SSL module of Apache2
sudo a2enmod ssl
And also the proxy module
sudo a2enmod http_proxy
Then restart Apache2
sudo service apache2 restart
Now we’ll add a config file to the Apache server, this will tell it to forward all requests that have “/shellinabox” for example “yourdomain.com/shellinabox”. You can change this to anything you want however.
First we create the config file for the proxy.
Then paste the following
<Location /shellinabox> ProxyPass http://localhost:4200/ Order allow,deny Allow from all </Location>
Now we can restart Apache and move onto getting a SSL certificate for our Shell In a Box install.
Deploying Let’s Encrypt
Let’s Encrypt is where we will be getting our SSL certificate from, this means we won’t get any errors about the certificate being invalid when we go to our Shellinabox install.
To start we’ll need to install Certbot, this is the program we’ll be using to get the certificate.
You must have a subdomain or domain pointing to the IP of the server you’re installing Shellinabox in, otherwise you won’t be able to finish this tutorial.
To install Certbot, use the command
cd /usr/local/sbin/ wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
Now we can provision an SSL certificate for the domain / subdomain we’re using for our Shellinabox install.
To do this we will tell certbot to generate a certificate for us to use and apply it automatically to our Apache install.
certbot-auto --apache -d your.domain.here
If at any point it asks you whether you want to make your entire server secure, you’ll want to press yes on that option.
Creating a User For Shellinabox
Since Shellinabox disabled logins via the root account by default, we’ll create another user to login with. You should only need to do this if you’re on a VPS or dedicated server which only has a root account by default.
You can create an account with the command
Enter a password for the account then press enter each time you are prompted for more information, unless you want to fill them in of course.
We’ll restart Apache one more time to make sure everything was applied by certbot
service apache2 restart
Using Shell In a Box
Now that everything is setup we can login to our server using the shellinabox console. To do this, enter the domain name you chose earlier with the directory you also set.
For example, if you set mydomain.com and in the Apache file you set the location as /shellinabox you would put mydomain.com/shellinabox into your web browser to get to your console.
It should be like using a normal SSH session, enter the user account name that you created before then the password when prompted to login. If you want to use the root account afterwards you can use the command
And then enter your password.
If you need help leave a comment and we’ll try our best to get yours working!