Feature #253

Replace sshterm with ajaxterm

Added by gardar arnarsson over 1 year ago. Updated 3 months ago.

Status:New Start date:05/28/2010
Priority:Low Due date:
Assignee:- % Done:

0%
Category:- Spent time: -
Target version:2.2.x
Affected version : Resolution:

Description

I think sshterm should be replaced with ajaxterm..

Reasons:
  • sshterm is a java applet which is pain to load, you need java installed and quite often it makes my web browser crash
  • ajaxterm requires nothing installed other than a modern web browser that can handle html and javascript, which makes it compatible and lightweight.
  • ajaxterm can be run on port 80 when sshterm runs on port 22. I don't really see the point of using a "web based" ssh client if you have port 22 open. You can just as well download and use putty.

You can get ajaxterm from: http://antony.lesuisse.org/software/ajaxterm/

History

#1
Updated by Danny Terweij over 1 year ago

  • Target version set to 2.1.1

#2
Updated by Walter Secco about 1 year ago

  • Priority changed from High to Low
  • Target version deleted (2.1.1)
I toyed around with ajaxterm and I'm not convinced. Let me point a couple errors on your reasons:
  • Ajaxterm requires python to be installed in the server and you must run the backend "ajaxterm.py". It is not lightweight either (a bit over 20mb of ram) and multiple processes are spawned for every loaded screen. It also increases the load on the web server dramatically.
  • While you can "run" it on a web server listening on port 80 (plain text), it defeats the purpose of SSH which is encryption. You might as well enable and use telnet. To actually replace sshterm, it should be running only on port 8887 (https) under lxlighty as web servers are not part of HyperVM management. As a result, you get SSL cert warnings as 99.9% of Kloxo and HyperVM users do not buy ssl certs for the panel, which also defeats the whole purpose of having a ajaxterm session under SSL if you can't trust the cert. Also note mod_proxy must be enabled as requests must be passed on to localhost:8022, which makes it even more trickier to integrate into the panel.
A few more things to consider:
  • Most sysadmins use key based access, which it doesn't support.
  • It's buggy. While testing I could not press "backspace" as it would do a "history.go(-1)".
  • No tab auto completion or any other key-bindings for that matter.
  • No resizable window or logging.
  • No way to block or prevent attacks as all connections come from "localhost".

And many, MANY more issues. The last one is a major no-no in my book.

Basically, it is not a sshterm replacement (yet). You are just transferring the burden to the server for a ssh "client" with much less features and we already have "Command Center" for that. Simple and effective.

On another note, you are free to install it under lxlighty (http://redmine.lighttpd.net/wiki/1/Ajaxterm) by editing /usr/local/lxlabs/hypervm/file/lighttpd.conf or in your preferred web server listening on port 80 (seriously, don't do it - USE ENCRYPTION!) with some sort of pre-auth.

I'm lowering the priority and removing the target as this feature depends on Ajaxterm coders fixing these bugs and implementing some required features (IP logging for one) before we start discussing anything.

#3
Updated by Danny Terweij 3 months ago

  • Target version set to 2.2.x

Also available in: Atom PDF