-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathfaq.html
89 lines (77 loc) · 4.54 KB
/
faq.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<title>SSH Now</title>
<script src="node_modules/xterm/lib/xterm.js"></script>
<script src="node_modules/xterm-addon-fit/lib/xterm-addon-fit.js"></script>
<script src="node_modules/local-echo/dist/local-echo.js"></script>
<link rel="stylesheet" href="node_modules/xterm/css/xterm.css" />
<style>
html {
padding: 0;
margin: 0;
}
body {
padding: 1em;
margin: 0;
background: black;
color: white;
font-size: 16px;
font-family: Tahoma, Verdana, Segoe, sans-serif;
line-height: 1.3;
max-width: 700px;
}
a, a:visited {
color: #ccc;
}
a:hover, a:active {
color: white;
}
</style>
</head>
<body>
<h1>SSH Now FAQ</h1>
<h3>What is SSH Now?</h3>
<p>
SSH Now is a tool that allows you to connect to a remote server over SSH, by copy-pasting a single command.
</p>
<h3>How do I use SSH Now?</h3>
<p>
Go to the <a href="/">home page</a>, copy the command shown on the screen, and paste it wherever you want to connect, such as in a CI script, a local terminal, an offensive research target, and so on. The command will connect to the SSH Now server, and a (very basic) terminal will appear in the browser.
</p>
<h3>Who made this and why?</h3>
<p>
Hi, I'm JP. This is a side project that I created to make it easier to debug remote machines, like CI jobs. For more information about the idea, check out <a href="https://janpaul123.notion.site/SSH-now-5c8238d83a844a3b9dfc1357fb78fd4a">this</a> and <a href="https://twitter.com/JanPaul123/status/1531693532049575936">this</a>.
</p>
<h3>Is it open source?</h3>
<p>
Yes, it is. You can find the source code on <a href="https://github.com/janpaul123/ssh-now">GitHub</a>. If you're interested in collaborating, please DM me on <a href="https://twitter.com/JanPaul123">Twitter</a>.
</p>
<h3>How does it work?</h3>
<p>
I made a <a href="https://www.youtube.com/watch?v=oAnc6Rih63I">video</a> where I go through the code and show in detail how it works.
</p>
<h3>Why would you create the biggest security risk of the year?</h3>
<p>
Haha, fair enough.. I wouldn't recommend using this if it doesn't fit into your threat model. In particular, these are some risks:<br>
- You'd have to trust me to not use the relay server for nefarious purposes.<br>
- While the traffic from the browser to the relay server is encrypted, the traffic from the relay server to the remote server is not, so you'd have to trust the intermediate parties.<br>
- The code itself is quite simple (you can check it out on <a href="https://github.com/janpaul123/ssh-now">GitHub</a>), but it's certainly possible for there to be security vulnerabilities.<br>
<br>
Besides that, the current solution is not very scalable. It's easy to overwhelm the machine with connections to take it down. That shouldn't, by itself, pose a security risk though.<br>
<br>
I did take some measures to reduce security risks:<br>
- The token in the URL (long token) and the token in the remote script (short token) are different. You can derive the short token from the long token, but not vice versa. So if someone is able to find the short token (e.g. if it was accidentally posted somewhere public), they don't automatically have access to your machine. However, they can connect to the relay server and pretend to be your machine, so still be careful.<br>
- The long token in the URL is very long, so that it will typically not be fully visible in the browser's URL bar. This means that it's harder to accidentally leak this token over a screenshare.<br>
- The TCP connection is aborted if it doesn't return the short token within half a second.<br>
- The Websocket connection is encrypted using TLS.<br>
<br>
At the end of the day, this is just a side project. It could certainly be professionalized as outlined <a href="https://janpaul123.notion.site/SSH-now-5c8238d83a844a3b9dfc1357fb78fd4a">here</a>, but until then, use your own judgement in the risks when using this.
</p>
<h3>Why does the terminal behave poorly?</h3>
<p>
Currently you don't get a true TTY terminal. In the future we can do things like automatically upgrading the terminal to a TTY terminal.
</p>
</body>
</html>