I would like to share a small project I created for IPFire: ttyd for IPFire.
This unofficial plugin integrates the excellent ttyd web terminal into the IPFire WebUI, allowing administrators to access a terminal session directly from their browser without needing a separate SSH client.
Run the installer as root from the project directory after copying it to your IPFire system.
Uninstallation
sh uninstall.sh
Disclaimer
This is an unofficial community project and is not affiliated with or supported by the IPFire team. Please review the code and use it at your own discretion.
I hope this utility may be useful for other IPFire users who frequently manage their systems remotely through the WebUI.
Feedback, suggestions, and improvements are welcome.
I had the opportunity to try out the component on a test machine, just to understand how it’s structured and how it works in practice. I don’t intend to go into the details of what Michael explained in another post, as I don’t have his technical expertise.
From my tests, I think there’s still room for improvement to make your Pakfire more functional. First of all, it lacks a start and stop button for the service: I imagine if I were to install it on a production machine, I wouldn’t keep it constantly active, as it could increase the attack surface and therefore make the firewall more vulnerable.
Furthermore, it would be really helpful if the service appeared alongside the others on the services page, so it could be managed more immediately and integrated into the machine’s ecosystem.
I’ll conclude by saying that, as I said, I’ve only tested it on a test machine and I don’t know if I’ll ever install it on a production system, but I would definitely consider it if it became official.
Of course, this is my personal opinion; Perhaps other members of the community see the issue from a different perspective, and it would be interesting to discuss this as well.
Hi,
I’ll try it as soon as I can.
As I said, I don’t think I’ll ever put it on a production machine, but I’m curious to try it and see how it works.
Michael’s post targeted not the functionality ( a topic which is discussable always ), but the structure.
Our project has, among others, two important mechanisms
it is an Open Source project, that means (nearly) all components are documented by their source text that is freely accessible
new or changed parts go through a revision stage by competent developers.
Topic 1 is not true for ttyd ( and other projects of @fxneng ), so topic 2 isn’t possible.
Mainly the fact that the central programs are distributed as bin only, is a no go for IPFire.
I believe this is the key point of the discussion.
The issue is not necessarily whether ttyd is a good or bad solution from a functional perspective, but whether it meets the project’s governance and security requirements.
That is why I said that I would not install this component on a production machine. However, I had no problem testing it and providing constructive feedback.
On my firewall, I run both official components and components developed by members of this community, as well as one developed by myself—although, in that case, it was essentially just a copy-and-paste adaptation of something that was already official.
