GitXplorerGitXplorer
n

piping-ssh-web

public
112 stars
5 forks
12 issues

Commits

List of commits on branch master.
Unverified
bf93970e0aa753de07a56e710434723ff7057329

deps: golang.org/x/crypto 0.24.0

nnwtgck committed 7 months ago
Unverified
68d392d2d23e39ef2038554f99f0f9f7bab6b1b8

deps: update

nnwtgck committed 7 months ago
Verified
b251ccaea3ba80503ed5776933950290862a29fd

build(deps): bump nwtgck/actions-netlify from 2.1 to 3.0 (#189)

ddependabot[bot] committed 10 months ago
Verified
620c84cd4ee30cfe764992fa682255f431330d5c

build(deps): bump actions/github-script from 6 to 7 (#135)

ddependabot[bot] committed a year ago
Verified
45905a7059cef3d98859f4cbfb230eaa019ce7f1

build(deps): bump actions/setup-node from 3 to 4 (#127)

ddependabot[bot] committed a year ago
Verified
7132df940f1988c99455d240d0cc8475d8a1a8f2

build(deps): bump actions/checkout from 3 to 4 (#108)

ddependabot[bot] committed a year ago

README

The README file for this repository.

piping-ssh

SSH over HTTPS via Piping Server on browser.

https://piping-ssh.nwtgck.org

We often want to access applications on our remote machine. But some environments have NATs or difficulties with opening a port to the public and getting a static IP. There is a way to forward a port over HTTPS with high transparency. This project aims to provide an SSH client that works on the browser and is compatible with the highly transparent way.

SSH over pure HTTPS via Piping Server

On the SSH server side, you can simply run the following command.

curl -sSN https://ppng.io/aaa | nc localhost 22 | curl -sSNT - https://ppng.io/bbb

The command above consists only of curl and nc, which are widely used and trusted. These commands are likely to already be installed on your machine.

Security

  • SSH things are processed only in the browser without any server.
  • Go language (golang.org/x/crypto/ssh) and WebAssembly are used.
  • The connection between the browser and the SSH server are end-to-end encrypted.
  • The connection between the browser and Piping Server is also encrypted in transit with HTTPS.
  • The running command on the SSH server side is highly transparent, so you can easily understand what they are doing.

SSH key generation

You can generate SSH keys only in the browser without any server.

  • RSA 2048 bits
  • RSA 4096 bits
  • Ed25519

SSH key generation in browser

You can also manage keys generated by ssh-keygen command with or without a passphrase.

URL fragment parameters

You can store the configuration in the URL. All the parameters are in the URL fragment so they are never sent to the web server. piping-ssh-web with URL fragment parameters

e.g. https://piping-ssh.nwtgck.org/#?user=myuser&password=mypass&s_port=22&cs_path=aaa&sc_path=bbb

  • user: SSH user name
  • password: SSH user password
  • server: Piping Server URL
  • cs_path: Server-to-client path
  • sc_path: Client-to-server path
  • auto_connect: Connect automatically
  • s_port: SSH Server port for command hint
  • headers: HTTP headers to Piping Server
    • (e.g. [["X-MyExtra1", "myvalue1"], ["Content-Type", "application/myapp"]])

Requirement

This project requires Google Chrome 105 or higher for fetch() upload streaming feature. You can also use Chromium-based browsers.

Previous version using SSHy

This project used to highly based on SSHy before Go language and WebAssembly were used.
SSHy version: https://6453204af3b3fc3555e79371--piping-ssh.netlify.app

Acknowledgements

The idea of tunneling over Piping Server was proposed by @Cryolite in a Japanese post, https://qiita.com/Cryolite/items/ed8fa237dd8eab54ef2f. Thanks!

Self-hosting Piping Server

It is easy to use Replit and fork https://replit.com/@nwtgck/piping to host Piping Server for free. You can see https://github.com/nwtgck/piping-server/wiki/How-to-self-host-Piping-Server to get other ways.

References