Quite often I am trying to access my Linux box remotely. Unfortunately most of the time for security reasons port 22 (SSH) is closed, leaving you disconnected from your home. Facing this issue, combined with my recent idea to get back to software development, its time to remove those boundary – lets install ajaxterm to get connected again.
So lets start – first of all I think it is quite clear that you need an external accessible IP address as well as a web-server – e.g. Apache. Using my own domain I then created a sub-domain pointing at the same IP address as my main server. I simply use the sub-domain as a structural way accessing various services. Having a Ubuntu System, the first thing now after updating the environment is getting the ajaxterm installed by the following command:
email@example.com:/home/jvr# apt-get install ajaxterm
Now we should enable the Password Authentication in /etc/ssh/ssh_config by simply uncommenting the line:
The next step is to create a login/password on the Apache Authentication level by following commands (please replace “MyName” with the preferred user name and please don’t use any kind of simple passwords):
firstname.lastname@example.org:/home/jvr# mkdir /srv/ajaxterm email@example.com:/home/jvr# cd /srv/ajaxterm firstname.lastname@example.org:/srv/ajaxterm# htpasswd -cm /srv/ajaxterm/.htpasswd MyName
Okay – following a structured approach, lets create now a separate Apache configuration file for the ajaxterm: /etc/apache2/sites-available/ajaxterm with the following content:
<VirtualHost ajaxterm.jvr.at:443> ServerName ajaxterm.jvr.at HostnameLookups Double CustomLog /var/log/apache2/access.log combined env=!dontlog SetEnvIf Request_URI "^/u" dontlog ErrorLog /var/log/apache2/error.log Loglevel warn SSLEngine On SSLCertificateFile /etc/apache2/ssl/apache.pem
<Proxy *> AuthUserFile /srv/ajaxterm/.htpasswd AuthName EnterPassword AuthType Basic require user MyUser Order Deny,allow Allow from all </Proxy> ProxyPass / http://localhost:8022/ ProxyPassReverse / http://localhost:8022/ </VirtualHost>
So please note that the config is based on the newly created sub-domain. Furthermore we are using SSL but also, following the “require user” line just enabling a defined user, named MyUser, to access the ajaxterm. Since the ajaxterm is basically a local running service, we have to set up a proxy.
But wait – having said before that we use SSL – I guess we will need to install and create an SSL certificate first. Therefore follow the following commands:
email@example.com:/srv/ajaxterm# apt-get install ssl-cert firstname.lastname@example.org:/srv/ajaxterm# mkdir /etc/apache2/ssl email@example.com:/srv/ajaxterm# /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
And finally enable the proxy, ssl and the newly created ajaxterm config file.
firstname.lastname@example.org:/srv/ajaxterm# a2enmod proxy_http Considering dependency proxy for proxy_http: Enabling module proxy. Enabling module proxy_http. Run '/etc/init.d/apache2 restart' to activate new configuration! email@example.com:/srv/ajaxterm# a2enmod ssl Module ssl already enabled firstname.lastname@example.org:/srv/ajaxterm# a2ensite ajaxterm Enabling site ajaxterm. Run '/etc/init.d/apache2 reload' to activate new configuration!
Finally, just to be on the save side – we should restart the ajaxterm and the apache2 service by:
email@example.com:/srv/ajaxterm# /etc/init.d/ajaxterm restart firstname.lastname@example.org:/srv/ajaxterm# /etc/init.d/apache2 restart
And now check-out your ajaxterm (hint – use https to access your service)!
2014/06/12: An additional note – some versions of ajaxterm seems to have an issue runng in daemon mode, where you receive an connection loss error. Suprisingly if you start ajaxterm from the console as a simple process it works. So to fix this issue I modified the startupscript in my Ubuntu installation in /etc/init.d/ajaxterm as follows (thats the diff):
42,43c42,43 < start-stop-daemon -b --start --group=$AJAXTERM_GID --pidfile $PIDFILE --exec $DAEMON -- --port=$PORT --serverport=$SERVERPORT \ < --uid=$AJAXTERM_UID >/dev/null && --- > start-stop-daemon --start --group=$AJAXTERM_GID --pidfile $PIDFILE --exec $DAEMON -- --daemon --port=$PORT --serverport=$SERVERPORT \ > --uid=$AJAXTERM_UID >/dev/null