SSH Forced commands from Web Page
Are you a paranoid nerd, who’s business requirements are very strict about IT security? No, well you may as well stop reading here.
Perhaps you have a business requirement to perform some random function on a server that only allows SSH access, but the rest of the business requires simple press button access to perform those functions?
Well with SSH force command wrappers, SSH keys and PHP you too can have simple click button access for the rest of the business!
Basically with a Linux apache server with PHP use the following code:
<?php
session_start();
//Check if POST data exists
$data = $_POST;
$data['ip_address'] = $_SERVER['REMOTE_ADDR'];
$returnString = "";
if(isset($data['submit'])){
//determine which button has been clicked and re-direct accordingly
switch($data['submit']){
case "function-A":
$returnString = shell_exec('ssh ssh-user@8.8.8.8 function-A 2>&1');
break;
case "function-B":
$returnString = shell_exec('ssh ssh-user@8.8.8.8 function-B 2>&1');
break;
case "function-C":
$returnString = shell_exec('ssh ssh-user@8.8.8.8 function-C 2>&1');
break;
case "function-D":
$returnString = shell_exec('ssh ssh-user@8.8.8.8 function-D 2>&1');
break;
case "function-E":
$returnString = shell_exec('ssh ssh-user@8.8.8.8 function-E 2>&1');
break;
case "function-F":
$returnString = shell_exec('ssh ssh-user@8.8.8.8 function-F 2>&1');
break;
default:
$returnString = "Bad Command";
break;
}
}
?>
<!DOCTYPE html>
<!--[if IE 8]> <html class="no-js lt-ie9" lang="en" > <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width" />
<title>SSH Website Controller</title>
<link rel="stylesheet" href="app.css" type="text/css" media="screen, projector, print" />
</head>
<body>
<!---------------------- navigation ------------------>
<!---------------------- title bar ------------------>
<section class="title-bar-small">
<div class="row ">
<div class="large-12 columns">
<h1>SSH Website Controller</h1>
</div>
</div>
</section>
<!---------------------- section ------------------>
<div class="divider-section-white"></div>
<section class="grey-row">
<div class="row">
</div>
<div class="row">
<div class="small-12 large-6 columns">
<p><h3>Please select an option:</h3></p>
<form class="margin-vert-top-20" id="menu" action="website-monitor.php" method='post'>
<input type="submit" class="small button radius" name="submit" value="function-A"></input>
<input type="submit" class="small button radius" name="submit" value="function-B"></input>
<input type="submit" class="small button radius" name="submit" value="function-C"></input>
<input type="submit" class="small button radius" name="submit" value="function-D"></input>
<input type="submit" class="small button radius" name="submit" value="function-E"></input>
<input type="submit" class="small button radius" name="submit" value="function-F"></input>
</form>
<?php if($returnString) { ?>
<textarea rows="12" cols="120" name="output"><?php echo $returnString; ?></textarea>
<?php } ?>
</div>
</div>
</section>
<!---------------------- section ------------------>
</body>
</html>
Just create the required files under /var/www/.ssh
known_hosts
id_rsa
with apache write permissions on known_hosts file and you should be laughing….
(Oh and sorry about the CSS in the code, I’m too lazy to remove it….)