Support QRP CoA Everywhere

Monday, 12 July 2021

Shellinabox on RaspberryPi

It is definitely not new, and I claim no originality as this idea has been posted elsewhere before, but I mentioned in discussion that I was using this (along with octoprint) on my Raspberry Pi 'servers' used with the 3D printers and CNC between Cambridge and Cornwall, 400 miles (and when really remote on some DX trip, usually to tweak some SDR setting) to adjust stuff if needed. Sounded really useful so  I was asked could I provide some details:

So here goes (your mileage may vary so don't assume a pure cut and paste will work for you). There are plenty of albeit old guides out there that will help you set this up on full blown PC's.

First to make this super easy on myself I used the Debian "Buster" Raspberry Pi image. It should work with others but you might need to do some tweaking.

Shellinabox is self contained  and it does everything out of the box (no pun intended) over a single TCP port 4200 by default. You can change this and in fact you might want to if you are using it to access the server from outside the network.

The first thing is to install it...

As I mentioned I am using raspbian so this is super easy...

(assuming logged in as 'pi', I use apt myself but apt-get works)

sudo apt-get install shellinabox

That is it... simple hey. That gives you the default install. (The install started the service on mine too but /etc/init.d/shellinabox starts it! You might be able to use systemd systemctl etc... but I not tried)

You use it by using a web browser on a remote system and into the navigation window typing in the IP/or hostname if you have done some fancy networking of the the Raspberry Pi and then :4200 e.g. https://192.168.0.100:4200

You will get a plain white screen and a prompt to login will appear. Continue as you would normally. it is a CLI or shell s don't expect some GUI anything to work (it might but I never tried)

If it doesn't work visit https://code.google.com/archive/p/shellinabox/ this was 'abandoned' a few years ago there is a more recent fork at https://github.com/shellinabox/shellinabox you should find any further answers there including configuring it.

If you are running one of the paranoid browsers it might moan about an SSL cert, you can add one to remove this warning if wanted. Installing SSL Certs is beyond this post.

If you are intending to connect to this from outside your network you will need to a do a few things.

1. Secure the Raspberry Pi server (make sure everything is up to date, make sure the users are using decent passwords.) I use strong passwords and I added MFA. Google for it.

2. Secure the Raspberry Pi server (check you really have done it!)

3. Adjust the config so you are using either a different port to 4200 and make your router forward any requests for that port to it. Care!!! You are exposing YOUR network, don't do it if you don't know what you are doing or don't accept all the risks. There are loads of bored script kiddies out there 24x7x365 just waiting to find any exploit.

I use XTERM on my Linux desktop so I like it so I added some extra bits.... as didn't like the black on white. I use a black background and green letters which I also made a bit bigger. You can add lots of other bits and pieces the choices are up to you. (I add a login screen, tweaked MOTD, to remind you are connecting to a remote system).

The configuration is in /etc/shellinabox and /etc/default/shellinabox as CSS style sheets so it isn't too hard to tweak it. /etc/shellinabox/options-enabled is the file it uses, you can eiter edit a file directly or create one and link to it (probably better if you want to tweak it).

(I'll add some images, screen grabs to this post.)


No comments: