Table of Contents

Secure Shells (SSH) are widely used to connect to the remote hosts, and is of course the recommended way. Shellinabox is another alternative, more friendly to the client because a simple browser with javascript support is sufficient for a full featured shell. Note that use on production servers is discouraged for security concerns.

screenshot of shellinabox


Since Shellinabox is packaged in the official Debian repository, the installation process is fairly simple.

apt install shellinabox


It seems that self-signed certificates and/or SSL features are broken at the time of writing. Edit /etc/default/shellinabox to disable SSL via -t option:

SHELLINABOX_ARGS="--no-beep -t"

Restart the service and it should be available at http://ip:4200.

Running behind Nginx

Nobody wants their password sent unencrypted. Trusted SSL certificates can be added at webserver level as seen many times. After that, add the following location block:

location / {
    proxy_set_header Host      $host;
    proxy_set_header X-Real-IP $remote_addr;