网页远程登陆设备/主机--Webssh2的使用方法

1、下载镜像

代码语言：javascript复制

# docker search webssh2

代码语言：javascript复制

NAME                        DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
psharkey/webssh2            Web SSH Client using WebSSH2 (ssh2, socket.i…   28                   [OK]
lihaixin/webssh2            WebSSH2 一个可以通过浏览器进行SSH连接的客户端                    6                    
billchurch/webssh2          WebSSH2 Docker                                  6                    
crazyrolfie/webssh2         Web SSH Client using ssh2, socket.io, xterm.…   0                    

代码语言：javascript复制

docker pull  billchurch/webssh2:0.4.6

2、编写docker-compose.yml和config.json （这里tab是两个空格，用vim复制粘贴记得先执行 :set paste）

代码语言：javascript复制

version: '3'
services:
  webssh2:
    image: billchurch/webssh2:0.4.6
    container_name: webssh2
    ports:
      - 0.0.0.0:2222:2222
    healthcheck:
      test:
        - CMD
        - "nc"
        - "-w"
        - "1"
        - "127.0.0.1:2222"
    restart: always
    network_mode: bridge
    volumes:
      - /etc/localtime:/etc/localtime
      - /etc/timezone:/etc/timezone
      - ./config.json:/opt/webssh2/config.json

代码语言：javascript复制

{
    "listen": {
        "ip": "0.0.0.0",
        "port": 2222
    },
    "http": {
        "origins": [
            "localhost:2222"
        ]
    },
    "user": {
        "name": null,
        "password": null,
        "privatekey": null,
        "overridebasic": false
    },
    "ssh": {
        "host": null,
        "port": 22,
        "term": "xterm-color",
        "readyTimeout": 20000,
        "keepaliveInterval": 120000,
        "keepaliveCountMax": 10,
        "allowedSubnets": []
    },
    "terminal": {
        "cursorBlink": true,
        "scrollback": 10000,
        "tabStopWidth": 8,
        "bellStyle": "sound"
    },
    "header": {
        "text": null,
        "background": "green"
    },
    "session": {
        "name": "WebSSH2",
        "secret": "mysecret"
    },
    "options": {
        "challengeButton": true,
        "allowreauth": true
    },
    "algorithms": {
        "kex": [
            "ecdh-sha2-nistp256",
            "ecdh-sha2-nistp384",
            "ecdh-sha2-nistp521",
            "diffie-hellman-group-exchange-sha256",
            "diffie-hellman-group14-sha1"
        ],
        "cipher": [
            "aes128-ctr",
            "aes192-ctr",
            "aes256-ctr",
            "aes128-gcm",
            "aes128-gcm@openssh.com",
            "aes256-gcm",
            "aes256-gcm@openssh.com",
            "aes256-cbc"
        ],
        "hmac": [
            "hmac-sha2-256",
            "hmac-sha2-512",
            "hmac-sha1"
        ],
        "compress": [
            "none",
            "zlib@openssh.com",
            "zlib"
        ]
    },
    "serverlog": {
        "client": false,
        "server": false
    },
    "accesslog": false,
    "verify": false,
    "safeShutdownDuration": 300
}

注：SSH协商时如加密套件不支持，可以在config.json的cipher中添加加密套件。

3、启动webssh2容器

代码语言：javascript复制

docker-compose up -d 

4、使用浏览器测试

代码语言：javascript复制

http://user:password@<your_server_ip>:2222/ssh/host/<dest_host_ip>
example: http://root:root123@10.10.10.10:2222/ssh/host/10.11.12.13
ssh访问ipv6：
http://root:root123@10.10.10.10:2222/ssh/host/2024::101

浏览器界面如下所示：

正常界面

5、配置nginx转发

代码语言：txt复制

  location ^~ /ssh {
    proxy_pass http://<host-ip>:2222;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header User-real-ip $remote_addr;
    proxy_read_timeout 600s;
  }

浏览器访问80/443即可

代码语言：shell复制

ipv4:
http://root:root123@10.10.10.10/ssh/host/10.11.12.13
https://root:root123@10.10.10.10/ssh/host/10.11.12.13
ipv6:
http://root:root123@10.10.10.10/ssh/host/2024::101
https://root:root123@10.10.10.10/ssh/host/2024::101

webview ssh

0 人点赞