Menu
Forums
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Trending
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Upgrades
Log in
Register
What's new
Search
Search
Search titles only
By:
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Menu
Log in
Register
Navigation
Install the app
Install
More options
Contact us
Close Menu
Forums
Software Development
Programming
Development
SSH-WEB
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Jepzter" data-source="post: 434606" data-attributes="member: 81100"><p>No connection data will be stored other than ip and port not username or password for the device. The data of commands that has been executed can choose to be store or not be stored. If stored, all commands will be encrypted, probably AES. I think of a setting to store data up to X amount of days, 1 hour, 1 day, 7 days, 1 month, forever. However, this will include a way for the user to download a file (PDF, or a textfile will probably fit the best in this case), with the commands that has been executed and is after that removed from the database. Also, the IP and port will be encrypted as well. Yes this will cause alot of work for the backend service, but I think it will do for now with probably a maximum of 5 users <img src="/styles/default/xenforo/smilies/emojione/tongue.png" class="smilie" loading="lazy" alt=":p" title="Stick Out Tongue :p" data-shortname=":p" /></p><p></p><p>Another way to be tackle this would be you to connect to the service with the client secret, auth token and the target device UUID created, this will not do much with the storage of ip and ports, but the information is not public in the frontend and therefor never possible to fetch it from the API.</p><p></p><p>Do you have any better idea to tackle this? <img src="/styles/default/xenforo/smilies/emojione/smile.png" class="smilie" loading="lazy" alt=":)" title="Smile :)" data-shortname=":)" /></p><p></p><p>---</p><p>Im currently working to get this up and running for open source with you being able to do pull requests.</p><p>Im pushing hard now to get the code readable, and is currently working on the SSH feature. Probably done with this in a couple of days. <img src="/styles/default/xenforo/smilies/emojione/smile.png" class="smilie" loading="lazy" alt=":)" title="Smile :)" data-shortname=":)" /></p><p>[doublepost=1527799089,1527359742][/doublepost]Doing connections through SSH seems to be working as it should be. Though, the question is how the communication of this should go, I still think of using REST with sending commands. <strong>Why?</strong> well, we are do not really care if the connection is open all the time, the only thing we are concern about is receiving the stdout from the server, otherwise we could use some socket technology, but that does not seem neccessary in this.</p><p></p><p>What will be important for this microservice though is that it uses RxJava, so that we can do multiple commands at once for many different users. Otherwise I would probably have to scale this up a bit with setting up multiple services with loadbalancing as there can be delays of the stdout.</p><p>[doublepost=1527949969][/doublepost]So, I've managed to setup so that its possible to run SSH commands through the Java service, and it looks like this.</p><p></p><p><a href="https://i.gyazo.com/d088ae9921c3b33d48d8170d7585e644.mp4" target="_blank">https://i.gyazo.com/d088ae9921c3b33d48d8170d7585e644.mp4</a></p><p></p><p>This run the command ifconfig to the server, and catches the response, now I have to setup an api endpoint to communicate with this service and then do the whole thing in RxJava, this will be a small task so it will probably go quick, not to much happening here. The question is if the main service should act like a client and route to this service or the frontend should communicate directly. I don't believe in running API request directly to the server so I will do a small service that will route traffic between the services. After this I will start doing the API Authentication using 0Auth2, and do the login system. I know this is not MVP to do the login system right now, but I feel like it should be done now anyway as it CAN actually be used, though without all the encryption.</p><p></p><p>On the frontend right now, not much is happening other than that you can choose a device and go into its "terminal" which is now just a regular styled bootstrap panel, so not much to see yet.</p><p>[doublepost=1528214609][/doublepost]So I've actually done some updates on this, and thats mostly on the authentication part, because I though that it would come in handy as I said in previous post.</p><p> </p><p>So, Im a fan of keeping stuff open, and therefor I've added so that you can integrate with the API using the endpoints, not only from the website but also from any curl request or anything other that can do a request. So to keep this "semi-secure" I've made so that yes, it is required for you to sign up on the website like any other user, but when you sign up you also get a client secret. With this client secret you would make a POST request to the API with your client secret. When you do that you receive the access-token and the time it will expire. Demo of this below,</p><p></p><p><a href="https://i.gyazo.com/b1bfc2a5ad3c34e1118d102d6e06ad91.mp4" target="_blank">https://i.gyazo.com/b1bfc2a5ad3c34e1118d102d6e06ad91.mp4</a></p><p></p><p>If something is wrong with the tokens/time,</p><p><img src="https://i.gyazo.com/0383dc906ad44b7d1ac748c987a88e20.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>Now with this, I could create a super-basic "getting started" login system which does not do much than log you in,</p><p></p><p><a href="https://i.gyazo.com/a875cfd42212c7775353895211ce87d2.mp4" target="_blank">https://i.gyazo.com/a875cfd42212c7775353895211ce87d2.mp4</a></p><p></p><p>If you are not logged in, you will be redirected to the login screen,</p><p></p><p><a href="https://i.gyazo.com/413940e2cdb31d411a85b7d837d8e11f.mp4" target="_blank">https://i.gyazo.com/413940e2cdb31d411a85b7d837d8e11f.mp4</a></p><p></p><p>The session storage will probably not contain these stuff, but for now it does, and I will change that later. <img src="/styles/default/xenforo/smilies/emojione/smile.png" class="smilie" loading="lazy" alt=":)" title="Smile :)" data-shortname=":)" /></p><p>[doublepost=1528313209][/doublepost]Now we are on the way really, now its possible to execute commands through the api and it looks like this, and responds like this. The URL should not be like this, in the end, hehe.</p><p><img src="https://i.gyazo.com/d05fee6bc6d932ce2415cb0eeb5eab08.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p><p>[doublepost=1528388684][/doublepost]Well, I see a really big design flaw I did while designing this, what if you would like to use vim? You can't do that realtime with an api... I have to migrate this to an socket, I will probably be done with this in the weekend. Stupid me.... <img src="/styles/default/xenforo/smilies/emojione/smile.png" class="smilie" loading="lazy" alt=":)" title="Smile :)" data-shortname=":)" /></p><p>[doublepost=1528954168][/doublepost]Sorry for inactivity. I currently thinking of doing a big refactoring do help scale the website and all other microservices around it. I will hopefully this weekend start implementing Apache Kafka, for all microservices to share specified topics around. Therefor everything can also easily be split up in small portion databases. What do you think of this?</p><p>[doublepost=1529147423][/doublepost]Currently building the Kafka process. I actually writing a whole framework for building microservices easy, and I hope that this will help this forums development. While this is still in its early state I will describe how you will be able to use the Framework to work with kafka consumer and producers. I figured that setting Kafka up in a java service without Spring is not easy, and it's not that many tutorials about it, so this is the early state of the framework that now, only has support for handling Kafka.</p><p></p><p>The process is very easy, to throw events out into the Kafka stream you will use a stream publisher,</p><p></p><p>[CODE] EventPublisher.sendEvent("user-login-v1", user);[/CODE]</p><p></p><p>Notice that the user object in this case, is a serialized JSON Object, using Jackson. EventPublisher.sendEvent(topic, jsonObject) is a static method.</p><p></p><p>To make use of the events you've sent, you want something to listen to the event, in the same application, or another micro service, you declare them using the [CODE]@EventConsumer(topic = "user-login-v1")[/CODE] annotation on the method.</p><p></p><p>Its very important that the EventHandler class extends the abstract class EventHandler, that will give you a handle method.</p><p></p><p>[CODE]public class TestEvent extends EventHandler<User> {</p><p> </p><p> @EventConsumer(topic = "user-login-v1")</p><p> public void handle(User eventData) {</p><p> System.out.printf("Handled event for %s, with data %s", "user-login-v1", data.getTopic());</p><p> }</p><p>}[/CODE]</p><p></p><p>The handle method will be the place where you call you application different services depending on what you will do with it.</p><p></p><p>All of this happens behind the scenes, so I really hope, when this framework is done you will have great use of this! <img src="/styles/default/xenforo/smilies/emojione/smile.png" class="smilie" loading="lazy" alt=":)" title="Smile :)" data-shortname=":)" /> </p><p></p><p>Any inputs about what you think of this [USER=9520]@Holmes[/USER] ? <img src="/styles/default/xenforo/smilies/emojione/smile.png" class="smilie" loading="lazy" alt=":)" title="Smile :)" data-shortname=":)" /></p></blockquote><p></p>
[QUOTE="Jepzter, post: 434606, member: 81100"] No connection data will be stored other than ip and port not username or password for the device. The data of commands that has been executed can choose to be store or not be stored. If stored, all commands will be encrypted, probably AES. I think of a setting to store data up to X amount of days, 1 hour, 1 day, 7 days, 1 month, forever. However, this will include a way for the user to download a file (PDF, or a textfile will probably fit the best in this case), with the commands that has been executed and is after that removed from the database. Also, the IP and port will be encrypted as well. Yes this will cause alot of work for the backend service, but I think it will do for now with probably a maximum of 5 users :p Another way to be tackle this would be you to connect to the service with the client secret, auth token and the target device UUID created, this will not do much with the storage of ip and ports, but the information is not public in the frontend and therefor never possible to fetch it from the API. Do you have any better idea to tackle this? :) --- Im currently working to get this up and running for open source with you being able to do pull requests. Im pushing hard now to get the code readable, and is currently working on the SSH feature. Probably done with this in a couple of days. :) [doublepost=1527799089,1527359742][/doublepost]Doing connections through SSH seems to be working as it should be. Though, the question is how the communication of this should go, I still think of using REST with sending commands. [B]Why?[/B] well, we are do not really care if the connection is open all the time, the only thing we are concern about is receiving the stdout from the server, otherwise we could use some socket technology, but that does not seem neccessary in this. What will be important for this microservice though is that it uses RxJava, so that we can do multiple commands at once for many different users. Otherwise I would probably have to scale this up a bit with setting up multiple services with loadbalancing as there can be delays of the stdout. [doublepost=1527949969][/doublepost]So, I've managed to setup so that its possible to run SSH commands through the Java service, and it looks like this. [URL]https://i.gyazo.com/d088ae9921c3b33d48d8170d7585e644.mp4[/URL] This run the command ifconfig to the server, and catches the response, now I have to setup an api endpoint to communicate with this service and then do the whole thing in RxJava, this will be a small task so it will probably go quick, not to much happening here. The question is if the main service should act like a client and route to this service or the frontend should communicate directly. I don't believe in running API request directly to the server so I will do a small service that will route traffic between the services. After this I will start doing the API Authentication using 0Auth2, and do the login system. I know this is not MVP to do the login system right now, but I feel like it should be done now anyway as it CAN actually be used, though without all the encryption. On the frontend right now, not much is happening other than that you can choose a device and go into its "terminal" which is now just a regular styled bootstrap panel, so not much to see yet. [doublepost=1528214609][/doublepost]So I've actually done some updates on this, and thats mostly on the authentication part, because I though that it would come in handy as I said in previous post. So, Im a fan of keeping stuff open, and therefor I've added so that you can integrate with the API using the endpoints, not only from the website but also from any curl request or anything other that can do a request. So to keep this "semi-secure" I've made so that yes, it is required for you to sign up on the website like any other user, but when you sign up you also get a client secret. With this client secret you would make a POST request to the API with your client secret. When you do that you receive the access-token and the time it will expire. Demo of this below, [URL]https://i.gyazo.com/b1bfc2a5ad3c34e1118d102d6e06ad91.mp4[/URL] If something is wrong with the tokens/time, [IMG]https://i.gyazo.com/0383dc906ad44b7d1ac748c987a88e20.png[/IMG] Now with this, I could create a super-basic "getting started" login system which does not do much than log you in, [URL]https://i.gyazo.com/a875cfd42212c7775353895211ce87d2.mp4[/URL] If you are not logged in, you will be redirected to the login screen, [URL]https://i.gyazo.com/413940e2cdb31d411a85b7d837d8e11f.mp4[/URL] The session storage will probably not contain these stuff, but for now it does, and I will change that later. :) [doublepost=1528313209][/doublepost]Now we are on the way really, now its possible to execute commands through the api and it looks like this, and responds like this. The URL should not be like this, in the end, hehe. [IMG]https://i.gyazo.com/d05fee6bc6d932ce2415cb0eeb5eab08.png[/IMG] [doublepost=1528388684][/doublepost]Well, I see a really big design flaw I did while designing this, what if you would like to use vim? You can't do that realtime with an api... I have to migrate this to an socket, I will probably be done with this in the weekend. Stupid me.... :) [doublepost=1528954168][/doublepost]Sorry for inactivity. I currently thinking of doing a big refactoring do help scale the website and all other microservices around it. I will hopefully this weekend start implementing Apache Kafka, for all microservices to share specified topics around. Therefor everything can also easily be split up in small portion databases. What do you think of this? [doublepost=1529147423][/doublepost]Currently building the Kafka process. I actually writing a whole framework for building microservices easy, and I hope that this will help this forums development. While this is still in its early state I will describe how you will be able to use the Framework to work with kafka consumer and producers. I figured that setting Kafka up in a java service without Spring is not easy, and it's not that many tutorials about it, so this is the early state of the framework that now, only has support for handling Kafka. The process is very easy, to throw events out into the Kafka stream you will use a stream publisher, [CODE] EventPublisher.sendEvent("user-login-v1", user);[/CODE] Notice that the user object in this case, is a serialized JSON Object, using Jackson. EventPublisher.sendEvent(topic, jsonObject) is a static method. To make use of the events you've sent, you want something to listen to the event, in the same application, or another micro service, you declare them using the [CODE]@EventConsumer(topic = "user-login-v1")[/CODE] annotation on the method. Its very important that the EventHandler class extends the abstract class EventHandler, that will give you a handle method. [CODE]public class TestEvent extends EventHandler<User> { @EventConsumer(topic = "user-login-v1") public void handle(User eventData) { System.out.printf("Handled event for %s, with data %s", "user-login-v1", data.getTopic()); } }[/CODE] The handle method will be the place where you call you application different services depending on what you will do with it. All of this happens behind the scenes, so I really hope, when this framework is done you will have great use of this! :) Any inputs about what you think of this [USER=9520]@Holmes[/USER] ? :) [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Software Development
Programming
Development
SSH-WEB
Top