I had a spare Raspberry Pi lying around so though I would see if I would get a web based SSH session going for the raspberry pi, as well as setting up SSL using a free 1 year SSL cert from StartSSL
It was surprisingly simple.
After searching around I came across GateOne which gets some good reviews and seemed easy to setup.
First to setup SSL you will need to have a FQDN that points to your Pi. There are loads of free sites out there that allow you to do this, for this example we will assume we have setup ssh.example.com which points to the IP address of the Pi (You will need to setup port forwarding if you are doing this on your home broadband router)
You could also skip the below step and use the self-signed cert that is automatically generated, but I’m not a fan of self signed certs on the internet. For your own home use on a LAN fine, but its its internet facing then generate a proper cert. I googled a bit and found that StartSSL offer free 1-year certs.
You will need to generate a keyfile using:
openssl genrsa -out ssh.example.com.key 2048
This generates a 2048 bit keyfile for ssh.example.com
The below will generate a CSR file (after completing a few questions):
openssl req -new -key ssh.example.com.key -out ssh.example.com.csr
The csr file then needs to be uploaded to the CA, and they will validate it and then give you a PEM encoded certificate.
Both of these files (ssh.example.com.key and ssh.example.com.pem) need to be saved to
Now onto configuring GateOne. Connect to your Pi and download the master file from Github:
Extract on the R-Pi using
Once unzipped run
This will generate a conf file for you under conf.d/10server.conf
I changed the following lines:
and with a bit of luck you should be able to open up a browser and browse to https://ssh.example.com
Once connected to the Pi, i can then SSH to all my other Linux servers….mwaaa haaaa haaaa! 🙂
I still need to setup run_gateone.py to start automatically but that should be easy enough.
A quick search shows a few sites on how to do it: