Setting up web based/client less SSH for the Raspberry-Pi

I had a spare Raspberry Pi lying around so though I would see if I would get a web based SSH session going for the raspberry pi, as well as setting up SSL using a free 1 year SSL cert from StartSSL

It was surprisingly simple.

After searching around I came across GateOne which gets some good reviews and seemed easy to setup.

First to setup SSL you will need to have a FQDN that points to your Pi. There are loads of free sites out there that allow you to do this, for this example we will assume we have setup ssh.example.com which points to the IP address of the Pi (You will need to setup port forwarding if you are doing this on your home broadband router)

You could also skip the below step and use the self-signed cert that is automatically generated, but I’m not a fan of self signed certs on the internet. For your own home use on a LAN fine, but its its internet facing then generate a proper cert. I googled a bit and found that StartSSL offer free 1-year certs.

You will need to generate a keyfile using:
openssl genrsa -out ssh.example.com.key 2048

This generates a 2048 bit keyfile for ssh.example.com

The below will generate a CSR file (after completing a few questions):
openssl req -new -key ssh.example.com.key -out ssh.example.com.csr

The csr file then needs to be uploaded to the CA, and they will validate it and then give you a PEM encoded certificate.

Both of these files (ssh.example.com.key and ssh.example.com.pem) need to be saved to
GateOne-master/ssl

Now onto configuring GateOne. Connect to your Pi and download the master file from Github:
https://github.com/liftoff/GateOne/

Extract on the R-Pi using
unzip master.zip

Once unzipped run ./run_gateone.py
This will generate a conf file for you under conf.d/10server.conf

I changed the following lines:

"certificate": "/home/pi/GateOne-master/ssl/ssh.example.com.pem",
"keyfile": "/home/pi/GateOne-master/ssl/ssh.example.com.key",
"origins": ["ssh.example.com"],
"port": 443,

Run ./run_gateone.py
and with a bit of luck you should be able to open up a browser and browse to https://ssh.example.com

GateOne

GateOne - SSH Session

Once connected to the Pi, i can then SSH to all my other Linux servers….mwaaa haaaa haaaa! 🙂

I still need to setup run_gateone.py to start automatically but that should be easy enough.
A quick search shows a few sites on how to do it:

http://www.raspberrypi.org/phpBB3/viewtopic.php?f=37&t=49153

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.