anytermd - Man Page

A terminal-emulating HTTP daemon

Synopsis

anytermd [--command arg]  [--device arg] [--baudrate arg] [--port arg] [--user arg] [--auth arg] [--charset arg] [--foreground] [--diff] [--nodiff] [--max-sessions arg] [--max-http-connections arg] [--local-only] [--name arg]

anytermd --help

Description

Anyterm provides a terminal window on a web page, so you can run command-line programs on a machine even when the only access to it is over HTTP.

Anyterm consists of some Javascript on a web page, an XmlHttpRequest channel on standard ports  back to the server, an HTTP proxy such as Apache's mod_proxy and the Anyterm daemon. The daemon,  anytermd, uses a pseudo-terminal to communicate with a shell or other application, and includes  terminal emulation. Key presses are picked up by the Javscript which sends them to the daemon;  changes to the emulated screen are sent from the daemon to the Javascript which updates its  display. Performance is quite reasonable and SSL can be used to secure the connection. For security reasons, it is highly recommended that anytermd NOT be exposed directly to  the Internet!  See the section Security below.

Options

Default values are indicated in parentheses ().

-c | --command arg (=/bin/bash)

Command to run in terminal

-d | --device arg

Device to connect to (e.g. serial port)

-b | --baudrate arg

Baud rate for serial port device (=9600)

-p | --port arg (=8080)

Port number to listen on

-u | --user arg

User to run as

-a | --auth arg (=none)

Authorisation: none|null|trivial

-s | --charset arg (=ascii)

Character set

-f | --foreground

run in foreground

--diff

Send only differences to browser

-n | --nodiff

Send whole screen to browser each time

-m | --max-sessions arg (=20)

Maximum number of simultaneous sessions

--max-http-connections arg (=25)

Maximum number of simultaneous HTTP connections

--local-only

Accept connections only from localhost

--name arg (=anyterm)

Name used for logging and pid file

--help

show help message

Security

Do not run anytermd as root.

Anyterm's code has not been audited for security. It is almost certainly possible to cause it to  crash by sending it invalid input, and experience suggests that this sort of weakness can also be  exploited to allow arbitary code execution.

Note that all CGI applications and similar programs are subject to this sort of problem, though  some are better written than others. The Anyterm code does not need run with a higher priviledge  level than any other web application, so weaknesses in Anyterm do not put your system at any higher  risk than weaknesses in any other web application would.

Avoid exposing anytermd directly to the Internet.

anytermd should be used only as a backend service, reachable only via a frontend HTTPS  proxy, such as Apache, that requires authentication. http://anyterm.org/1.1/install.html  gives examples of how to set this up.

A more complete and up-to-date discussion of security issues in anytermd can be found at  http://anyterm.org/security.html.

Examples

If you just want to test Anyterm, you can do:

anytermd --local-only

and then connect to http://localhost:8080 with your Javascript-enabled web browser.  The  brower should display a terminal window containing a bash command prompt owned by the user who  started anytermd.

If you want to set up SSH-over-HTTP access on localhost:8022, you might run it as:

anytermd --command "/usr/bin/ssh -o your-username@localhost" --port 8022 --user nobody  --charset utf-8 --local-only

See Also

Anyterm is more fully documented on its web site, http://anyterm.org/.  The web site  may be more up-to-date than this man page.

Author

Anyterm is written by Phil Endecott.  This man page was contributed by Eric Rossen.

Info

1.1.something Phil Endecott