A simple web-based SSH client.

Related tags

CLI Tools nodejs javascript python ssh website django express socket-io xterm webapp ssh2
Overview

Kommander

A simple web-based SSH client. It supports:

  • entering SSH login details (including private key and custom ports) and connecting
  • user authentication (and 2FA!)
  • saving configurations to access them from anywhere

Install

Simply clone the repository:

git clone https://github.com/KingWaffleIII/kommander.git

Kommander depends on Python v3.10!

Configuration

Nginx

Kommander is reliant on Nginx so you must setup a configuration file or edit an existing one to server Kommander. Use the following as a template:

server {
	root /usr/share/nginx/html;
    server_name _;

    listen [::]:80;
    listen 80;

    # /STATIC IS NECESSARY

	location /static {
		expires -1;
		alias /usr/share/nginx/html/static;
	}

    # /SOCKET.IO IS NECESSARY

	location /socket.io {
        # choose whatever port you need - run.sh needs to run on the same port

		proxy_pass http://localhost:9000;
	}

	location / {
        # choose whatever port you need - run.sh needs to run on the same port

		proxy_pass http://localhost:8000;
	}
}

kommander/settings.py

You must fill out the CSRF_TRUSTED_ORIGINS list in kommander/settings.py with your domain(s). An example of this is commented out in the same file.

SMTP

Django has support for password reset emails. To use this feature, you must fill in the details of an email account in kommander/email_config.json. Additionally, you must also change init_sites.py and replace kommander.planetwaffle.net with your own production domain and dev.planetwaffle.net with your own development domain. These can be http://localhost.

Superuser Account

You must also change the environment variables in run.sh for python3.10 manage.py createsuperuser --no-input to your preference to set the Django administrator account. You need to supply an email and a password.

Usage

Simply run the run.sh bash script. It takes the following parameters:

-i: installs dependencies from the package-lock.json and requirements.txt.
It accepts yes or no.

-m: whether or not to enable developer mode. This will set kommander.settings.DEBUG to True, which is not appropriate for production, as well as define which site to use in init_sites.py. Anything that isn't dev will be assumed to run in production mode.

-p: the port that the Django server should run on.

-a: the port that the SSH gateway server should run on.

-s: whether or not to enable silent mode. This will disable all requests for input. Anything that isn't yes will be treated as no.

Menshen

Menshen is the underlying server that powers Kommander. It is the service that acts as a gateway (hence the name 'Menshen', after the Chinese divine guardians of doors and gates) between the user and the remote server.

Contributing

Contributions are welcome! If you find any issues, improvements or would like a feature added, feel free to submit an issue or a pull request. Please keep in mind, however, that Kommander is a simple web-based SSH client. I feel that v1.0.0 successfully meets all the criteria for a simple SSH client and therefore, am unlikely to add any new features. I will be happy to review any pull requests though.

License

Kommander and Menshen fall under the MIT license.

Comments
  • ERROR: All configured authentication methods failed

    ERROR: All configured authentication methods failed

    Hello thank you for this app i setup app and i got these error while trying to connect to SSH servers

    SSH servers that i tried are linux and cisco router

    for linux i got this: ERROR: All configured authentication methods failed for router i got this: === [SERVER] ERROR: Handshake failed: no matching key exchange algorithm ===

    the problem with cisco router is acceptable (thats because they use old encryption)

    any help?

    bug question inactive 
    opened by hosseindehghanpoor 4
  • Fix the 404 and 500 views.

    Fix the 404 and 500 views.

    The 404 and 500 views for the Django web interface show only a blank page.

    Error identified: there is a typo in the Django template for the 404 and 500 template HTML files.

    bug 
    opened by KingWaffleIII 1
  • Bump engine.io from 6.1.0 to 6.1.3 in /menshen

    Bump engine.io from 6.1.0 to 6.1.3 in /menshen

    Bumps engine.io from 6.1.0 to 6.1.3.

    Release notes

    Sourced from engine.io's releases.

    6.1.3

    Bug Fixes

    • typings: allow CorsOptionsDelegate as cors options (#641) (a463d26)
    • uws: properly handle chunked content (#642) (3367440)

    Links

    6.1.2

    Bug Fixes

    • uws: expose additional uWebSockets.js options (#634) (49bb7cf)
    • uws: fix HTTP long-polling with CORS (45112a3)
    • uws: handle invalid websocket upgrades (8b4d6a8)

    Links

    6.1.1

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be clear at Receiver.getInfo (/.../node_modules/ws/lib/receiver.js:176:14) at Receiver.startLoop (/.../node_modules/ws/lib/receiver.js:136:22) at Receiver._write (/.../node_modules/ws/lib/receiver.js:83:10) at writeOrBuffer (internal/streams/writable.js:358:12)

    This bug was introduced by this commit, included in [email protected], so previous releases are not impacted.

    Thanks to Marcus Wejderot from Mevisio for the responsible disclosure.

    Bug Fixes

    • properly handle invalid data sent by a malicious websocket client (c0e194d)

    Links

    Changelog

    Sourced from engine.io's changelog.

    6.1.3 (2022-02-23)

    Bug Fixes

    • typings: allow CorsOptionsDelegate as cors options (#641) (a463d26)
    • uws: properly handle chunked content (#642) (3367440)

    6.1.2 (2022-01-18)

    Bug Fixes

    • uws: expose additional uWebSockets.js options (#634) (49bb7cf)
    • uws: fix HTTP long-polling with CORS (45112a3)
    • uws: handle invalid websocket upgrades (8b4d6a8)

    6.1.1 (2022-01-11)

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be clear at Receiver.getInfo (/.../node_modules/ws/lib/receiver.js:176:14) at Receiver.startLoop (/.../node_modules/ws/lib/receiver.js:136:22) at Receiver._write (/.../node_modules/ws/lib/receiver.js:83:10) at writeOrBuffer (internal/streams/writable.js:358:12)

    This bug was introduced by this commit, included in [email protected], so previous releases are not impacted.

    Thanks to Marcus Wejderot from Mevisio for the responsible disclosure.

    Bug Fixes

    • properly handle invalid data sent by a malicious websocket client (c0e194d)
    Commits
    • ce3fe9d chore(release): 6.1.3
    • 1bc5b1a chore: bump engine.io-parser to version 5.0.3
    • 5df4f18 perf(uws): remove nested inner functions
    • 3367440 fix(uws): properly handle chunked content (#642)
    • a463d26 fix(typings): allow CorsOptionsDelegate as cors options (#641)
    • 90fb0a9 chore(release): 6.1.2
    • e122e4b refactor: add additional types
    • 3f1e312 chore: bump package-lock.json file version
    • 45112a3 fix(uws): fix HTTP long-polling with CORS
    • 49bb7cf fix(uws): expose additional uWebSockets.js options (#634)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump minimist from 1.2.5 to 1.2.6 in /menshen

    Bump minimist from 1.2.5 to 1.2.6 in /menshen

    Bumps minimist from 1.2.5 to 1.2.6.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Fix issue #3

    Fix issue #3

    Menshen now outputs a log, containing the details of each socket.io and ssh2 connection. When submitting an issue about SSH connection failures, you should submit this information.

    opened by KingWaffleIII 0
Owner
KingWaffleIII
o7 | 3rd King of Planet Waffle | Programmer ([Python/JS] web developer) | Never Beaten Minecraft in Survival | Weeb | AKA waffle.exe
KingWaffleIII
GitHub
Python implementation of SSH file transfer across servers.

SSH Transfer Python implementation of SSH file transfer across servers. Requirements paramiko=2.7.2 Usage Config Preparation Configure some informatio

Zhe Kong 1 Nov 23, 2021
A small system that allow you to manage hosts stored in your .ssh/config file

A small system that allow you to manage hosts stored in your .ssh/config using simple commands.

Simone Ostini 1 Jan 24, 2022
A web shell client written in python.

Webshell client A webshell client written in python. Only works well for linux for the time being. Why? Because there are too many heavy webshells. So

tchar 1 Dec 7, 2021
TerminalGV is a very simple client to display stats about your SNCF TGV/TER train in your terminal.

TerminalGV So I got bored in the train, TerminalGV is a very simple client to display stats about your SNCF TGV/TER train in your terminal. The "on-tr

Samuel 8 Dec 15, 2022
A command-line based, minimal torrent streaming client made using Python and Webtorrent-cli. Stream your favorite shows straight from the command line.

A command-line based, minimal torrent streaming client made using Python and Webtorrent-cli. Installation pip install -r requirements.txt It use

Jonardon Hazarika 17 Dec 11, 2022
A command-line based, minimal torrent streaming client made using Python and Webtorrent-cli.

ABOUT A command-line based, minimal torrent streaming client made using Python and Webtorrent-cli. Installation pip install -r requirements.txt It use

Janardon Hazarika 17 Dec 11, 2022
Pymongo based CLI client, to run operation on existing databases and collections

Mongodb-Operations-Console Pymongo based CLI client, to run operation on existing databases and collections Program developed by Gustavo Wydler Azuaga

Gus 1 Dec 1, 2021
As easy as /aitch-tee-tee-pie/ 🥧 Modern, user-friendly command-line HTTP client for the API era. JSON support, colors, sessions, downloads, plugins & more. https://twitter.com/httpie

HTTPie: human-friendly CLI HTTP client for the API era HTTPie (pronounced aitch-tee-tee-pie) is a command-line HTTP client. Its goal is to make CLI in

HTTPie 25.4k Dec 30, 2022
Interactive Redis: A Terminal Client for Redis with AutoCompletion and Syntax Highlighting.

Interactive Redis: A Cli for Redis with AutoCompletion and Syntax Highlighting. IRedis is a terminal client for redis with auto-completion and syntax

null 2.2k Dec 29, 2022
A Terminal Client for MySQL with AutoCompletion and Syntax Highlighting.

mycli A command line client for MySQL that can do auto-completion and syntax highlighting. HomePage: http://mycli.net Documentation: http://mycli.net/

dbcli 10.7k Jan 7, 2023
Jupyter notebook client in neovim

?? Jupyter-Nvim Read jupyter notebooks in neovim Note: The plugin is still in alpha stage ?? Usage Just open any *.ipynb file and voila! ✨ Contributin

Ahmed Khalf 85 Dec 29, 2022
frogtrade9000 - a command-line Rich client for the freqtrade REST API

frogtrade9000 - a command-line Rich client for the freqtrade REST API I found FreqUI too cumbersome and slow on my Raspberry Pi 400 when running multi

Robert Davey 79 Dec 2, 2022
triggercmd is a CLI client for the TRIGGERcmd cloud service.

TriggerCMD CLI client triggercmd is a CLI client for the TRIGGERcmd cloud service. installation the triggercmd package is available in PyPI. to instal

Gustavo Soares 7 Oct 18, 2022
Command line client for Audience Insights

Dynamics 365 Audience Insights CLI The AuI CLI is a command line tool for Dynamics 365 Audience Insights. It is based on the customerinsights Python l

Microsoft 8 Jan 9, 2023
pyNPS - A cli Linux and Windows Nopaystation client made with python 3 and wget

Currently, all the work is being done inside the refactoring branch. pyNPS - A cli Linux and Windows Nopaystation client made with python 3 and wget P

Everton Correia 45 Dec 11, 2022
Splitgraph command line client and python library

Splitgraph Overview Splitgraph is a tool for building, versioning and querying reproducible datasets. It's inspired by Docker and Git, so it feels fam

Splitgraph 313 Dec 24, 2022
A terminal client for connecting to hack.chat servers

A terminal client for connecting to hack.chat servers.

V9 2 Sep 21, 2022
CLI client for FerrisChat

A CLI Client for @FerrisChat using FerrisWheel

FerrisChat 2 Apr 1, 2022
RSS reader client for CLI (Command Line Interface),

rReader is RSS reader client for CLI(Command Line Interface)

Lee JunHaeng 10 Dec 24, 2022