Last active
April 26, 2018 20:08
-
-
Save TangentFoxy/bc62891a9d7da488e7fc9da0a16f4c06 to your computer and use it in GitHub Desktop.
Easy-to-use install script for shellinabox. https://github.com/shellinabox/shellinabox
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sudo apt-get update | |
sudo apt-get install git libssl-dev libpam0g-dev zlib1g-dev dh-autoreconf -y | |
sudo apt-get install git libssl-dev libpam0g-dev zlib1g-dev dh-autoreconf -y # duplicated because errors I encountered that were fixed by just running it again | |
git clone https://github.com/shellinabox/shellinabox.git | |
cd shellinabox | |
autoreconf -i | |
autoreconf -i # duplicated beause errors I encountered that were fixed by just running it again | |
./configure | |
make | |
dpkg-buildpackage -b | |
dpkg -i ../shellinabox*.deb |
Also, I don't know if the autoreconf
/./configure
/make
commands are actually needed when installing the deb package.
An example config for proxying to this with a trusted certificate:
server {
listen 443 ssl;
server_name shell.guard13007.com
add_header Strict-Transport-Security "max-age=63072000; preload"; # includeSubDomains;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
ssl_certificate /etc/letsencrypt/live/shell.guard13007.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/shell.guard13007.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
ssl_dhparam /srv/dhparams.pem;
location / {
proxy_pass https://127.0.0.1:4200;
proxy_ssl_verify off; # just ignoring it, localhost anyhow so its secure
}
}
This would be placed in a file within /etc/nginx/sites-enabled/
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Note, when this is complete, https://localhost:4200 on that machine will be a shell. It is using a self-signed certificate, so you will get security errors. I should look up how to specify a cert when I have the chance.