Here's what I mistakenly thought:
The original version of
sshxhas a severe security issue: It writes and write key in the URL, which enables anyone sees it to run shell commands on your computer, especially, the server.I wasn't sure about whether it's simply that the author is too lazy to prevent it or a backdoor until I found him blacklisted me. This is what I did:
- Created 3 PRs:
- Added a feature of setting custom enc key and write key.
- Added a feature of requesting custom room name.
- Added a feature of fill in the write key in frontend prompt
- Pushed a commit remove back door to my personal fork
I guess he behaved this rude because my patch will turn his URL-monitoring middleware into trash, given that he is incredibly against self-hosting.
Actually it's explained in ekzhang#65 (comment). People don't search issues and etc before yelling are not welcome, of course.
A secure web-based, collaborative terminal.
Features:
- Run a single command to share your terminal with anyone.
- Resize, move windows, and freely zoom and pan on an infinite canvas.
- See other people's cursors moving in real time.
- Connect to the nearest server in a globally distributed mesh.
- End-to-end encryption with Argon2 and AES.
- Automatic reconnection and real-time latency estimates.
- Predictive echo for faster local editing (à la Mosh).
Visit sshx.io to learn more.
Currently I'm afraid you have to compile this by yourself. Detailed info of compiling will be given below.
Should have had an action to build.
You can run sshx in continuous integration workflows to help debug tricky issues, like in GitHub Actions.
name: CI
on: push
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# ... other steps ...
- run: curl -sSf https://sshx.io/get | sh -s run
# ^
# └ This will open a remote terminal session and print the URL. It
# should take under a second.We don't have a prepackaged action because it's just a single command. It works anywhere: GitLab CI, CircleCI, Buildkite, CI on your Raspberry Pi, etc.
Be careful adding this to a public GitHub repository, as any user can view the logs of a CI job while it is running.
Here's how to work on the project, if you want to contribute.
To build the latest version of the client from source, clone this repository and
run, with Rust (and maybe protobuf or others)
installed:
Firstly, start a server:
npm install
npm run build
cargo run --bin sshx-serverThen client:
cargo run --bin sshx --server http://127.0.0.1:8051You can easily self host the backend by running cargo build -r, run the
executable target/release/sshx-server, and bind it to a domain name or open
corresponding port.
If you don't have any domain name or public IP, I recommend zrok.