You ever wanted a fast convenient SSH but sometimes only had a browser?

We’ve all been there. A quick need to check something, but we are presented with equipment that only has a browser. Maybe its a kiosk-pc, a laptop at a friends place. Perhaps its a network that blocks all but HTTPS.

Well, never fear, you can have a speedy web interface ssh, supporting cut+paste and scroll and curses. And, it will only take you a couple of minutes.

git clone
cd wetty
sudo npm -g install

cat < /etc/systemd/system/wetty.service
# systemd unit file
# place in /etc/systemd/system
# systemctl enable wetty.service
# systemctl start wetty.service

Description=Wetty Web Terminal


ExecStart=/usr/bin/node app.js -p 3000 –host –sshuser MYNAME

systemctl enable wetty
systemctl start wetty

OK, at this stage you can open http://localhost:3000 in your browser.
# cat < /etc/nginx/sites-enabled/ssh.conf 
server {
    listen ssl http2;
    server_name ssh.MYDOMAIN;

    include MY-tls.conf;

    access_log /var/log/nginx/a-ssh.log;
    error_log /var/log/nginx/e-ssh.log;

    location / {
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "upgrade";
	proxy_read_timeout 43200000;

	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $http_host;
	proxy_set_header X-NginX-Proxy true;


(I’m assuming you have a common tls config in MY-tls.conf, and set a DNS as ssh.MYDOMAIN, else set it here as normal).
OK, now when you open https://ssh.MYDOMAIN, you will get an ssh login to your host.

Run this on a protected bastion. And prosper.

More work, less toil.






Leave a Reply

Your email address will not be published. Required fields are marked *