Status

This project is in a very-alpha state. It's just a rough idea. Don't beat me!

Motivation

Sometimes when working with SUSE Manager (SUMA), I have the need to perform some testing actions on a registered client. Although SUMA provides ways to do that (remote command, salt remote commands), these lack interactivity. Sometimes I just need to SSH into the client and do something (read logs, quickly tweak & test something repeatedly). This usually involves copying&pasting the client FQDN, opening a terminal, typing ssh root@, paste the FQDN and connecting to SSH.

The goal of this project is to ease connecting to & controlling SUMA registered clients via SSH.

Ideas

Currently, there are 2 completely different ideas to implement that functionality.

Idea 1: Open a user-installed SSH and point it to the SUMA client

Use some web browser ssh add-on (like Chrome secure shell). Create a button in the system page in the SUMA web UI that would open the client, passing the needed data (host, post, user...) to it.

Alternatively, create a link in SUMA web UI with href=ssh://user@machine:port and make the system open it (via xdg, for instance).

Idea 2: Web-based SSH clients

Instead of a native SSH client, we could use a web based ssh client. This would need some kind of proxy between the browser and target systems for websocket/socket interoperation.

Problems

  • Path to system: the system doesn't necessarilly need to be accessible from the user's computer. It can be in the network with SUMA server, or it can be even hidden behind a SUMA proxy. Possible solutions:

    • run some "ssh proxy" on SUMA server and SUMA proxies (in a similar fashion like salt-ssh minions),
    • do nothing and explicitly target this feature for "intranet setups".
  • Availability of the feature: not all systems have ssh installed & running. We should enable/disable the feature in the UI based on the state of the system (we can retrieve needed data via salt (grains?)).

  • Parameters: we should allow adjusting ssh parameters (like username) before connecting to the machine. We could also enable some kind of "raw mode" that allows adjusting the ssh command line before connecting.

Looking for hackers with the skills:

Nothing? Add some keywords!

This project is part of:

Hack Week 19

Activity

  • over 2 years ago: j_renner liked this project.
  • over 2 years ago: pagarcia liked this project.
  • over 2 years ago: fkobzik originated this project.

  • Comments

    • pagarcia
      over 2 years ago by pagarcia | Reply

      Coincidentally I was discussing something like this at FOSDEM with @PSuarezHernandez where I was explaining what a TPAM is and how we could implement it using https://github.com/liftoff/GateOne , which offers logging capabilities.

      This can be used to implement a TPAM

    • fkobzik
      over 2 years ago by fkobzik | Reply

      Hmm, interesting, I didn't know this one. Thanks for the tip Pau!

    Similar Projects

    This project is one of its kind!