SSH-Fortress
1. What does it do?
- Make your cluster servers be more safe by expose your SSH connection through SSH-Fortress server
- Login your SSH server through the SSH-Fortress Web Interface and record all input and output history commands.
- Manage your cluster server's SSH Account by SSH-Fortress with Web Account
- Manage a server's files by SSH-Fortress's SFTP-web-interface
- Easily login into your private Cluster by SSH Proxy provided by SSH-Fortress-Proxy
2. build and run
git clone https://github.com/mojocn/sshfortress.git && cd sshfortress;
go build
echo "run the app with SQLite database" ./sshfortress sqlite -v --listen=':3333' echo "run the app with Mysql database, you need a config.toml file in your sshfortress binary folder" ./sshfortress run -v --listen=':3333'
Docker pull docker pull mojotvcn/sshfortress
2.1 config.toml
The config.toml file should in sshfortress binary folder. config.toml works with command sshfortress run. Command sshfortress sqlite can run with the config file.
[app]
name="frotress.mojotv.cn"
addr=":8360" verbose= true jwt_expire=240 #hour secret="asdf4e8hcjvbkjclkjkklfgki843895iojfdnvufh98" #jwt secret [db] # mysql database connection host = "127.0.0.1" user = "root" dbname = "sshfortress" password = "your_mysql_password" port = 3306 [github] #github.com OAuth2 client_id="d0b29360a088d0c4dc18" client_secret="89b272eeb22f373d8aa688986a8dbbc4edbfc64a" callback_url="http://sshfortress.mojotv.cn/#/"
3. Online demo
https://sshfortress.mojotv.cn/#/login
just click the login button, the default password has input for you, user admin@sshfortress.cn password: admin,
3.1 Universal Web SST Terminal
URL:https://sshfortress.mojotv.cn/#/any-termeg:https://sshfortress.mojotv.cn/#/any-term?a=home.mojotv.cn&p=test007&u=test007&z=1- URL-ARG
a: SSH Address with Port eg:home.mojotv.cnhome.mojotv.cn:22 - URL-ARG
u: SSH Username eg:test007 - URL-ARG
p: SSH Password eg:test007 - URL-ARG
z: Not Use Zend Mode eg:1
4. Run With supervisor & nginx
sshfortress.mojotv.cn.conf
server {
server_name sshfortress.mojotv.cn;
charset utf-8;
location /api/ws-any-term
{
proxy_pass http://127.0.0.1:8360;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-Real-IP $remote_addr; } location /api/ws/ { proxy_pass http://127.0.0.1:8360; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-Real-IP $remote_addr; } location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; proxy_pass http://127.0.0.1:8360; } access_log /data/wwwlogs/sshfortress.mojotv.cn.log; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/sshfortress.mojotv.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/sshfortress.mojotv.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }
Supervisor config file: sshfortress.ini
[program:sshfortress.mojotv.cn]
command=/data/sshfortress/bin/sshfortress sqlite
autostart=true
autorestart=true
startsecs=10
user=root chmod=0777 numprocs=1 redirect_stderr=true stdout_logfile=/data/sshfortress/supervisor.log
963
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
