Deploying Sshwifty

Introduction

Sshwifty is a web-based SSH and Telnet client that allows you to connect to remote servers directly from your web browser. No client software installation is required - just open the webpage and connect. This makes it perfect for accessing servers from restricted networks, shared computers, or any device with a modern web browser.

Built with Go and featuring a clean, responsive interface, Sshwifty provides a full terminal experience in the browser with features like multiple concurrent sessions, connection presets, and secure communication.

Key highlights of Sshwifty:

Web-Based Access: Connect to SSH/Telnet from any browser
No Client Installation: Works without installing any software
Multiple Sessions: Open multiple terminal sessions simultaneously
Connection Presets: Save frequently used connections
Secure Communication: All traffic encrypted through HTTPS
Responsive Design: Works on desktop, tablet, and mobile
Keyboard Shortcuts: Full keyboard support for efficient use
Copy/Paste Support: Transfer text between terminals and browser
Authentication Support: Password, key-based, and keyboard-interactive auth
Telnet Support: Connect to legacy Telnet servers
Lightweight: Minimal server resource requirements
Open Source: AGPLv3 licensed

This guide walks through deploying Sshwifty on Klutch.sh using Docker for secure web-based server access.

Why Deploy Sshwifty on Klutch.sh

Deploying Sshwifty on Klutch.sh provides several advantages:

Simplified Deployment: Klutch.sh handles the container deployment automatically.

HTTPS by Default: Secure terminal sessions with automatic SSL certificates.

Access from Anywhere: Reach your servers from any network with web access.

GitHub Integration: Version control your configuration and deploy updates automatically.

No Client Software: Access servers from computers where you can’t install software.

Custom Domains: Use a memorable URL for your web terminal.

Always Available: 24/7 access to your web terminal gateway.

Network Bypass: Access servers when SSH ports are blocked but HTTPS is allowed.

Prerequisites

Before deploying Sshwifty on Klutch.sh, ensure you have:

A Klutch.sh account
A GitHub account with a repository for your configuration
SSH servers to connect to (ensure they’re accessible from Klutch.sh)
Basic familiarity with Docker
(Optional) A custom domain for your Sshwifty instance

Deploying Sshwifty on Klutch.sh

Create a GitHub Repository

Create a new GitHub repository for your Sshwifty deployment.

Create Your Dockerfile

Create a Dockerfile in your repository:

FROM niruix/sshwifty:latest

# Sshwifty runs on port 8182 by default
# Configuration is done through environment variables or config file

EXPOSE 8182

HEALTHCHECK --interval=30s --timeout=10s --start-period=10s --retries=3 \
  CMD wget --no-verbose --tries=1 --spider http://localhost:8182/ || exit 1

Create Configuration File (Optional)

For advanced configuration, create sshwifty.conf.json:

{
  "HostName": "",
  "SharedKey": "your-shared-secret-key",
  "DialTimeout": 10,
  "Socks5": "",
  "Socks5User": "",
  "Socks5Password": "",
  "Servers": [
    {
      "ListenInterface": "0.0.0.0",
      "ListenPort": 8182,
      "InitialTimeout": 3,
      "ReadTimeout": 60,
      "WriteTimeout": 60,
      "HeartbeatTimeout": 20,
      "ReadDelay": 10,
      "WriteDelay": 10,
      "TLSCertificateFile": "",
      "TLSCertificateKeyFile": ""
    }
  ],
  "Presets": [
    {
      "Title": "Production Server",
      "Type": "SSH",
      "Host": "server.example.com:22",
      "Meta": {
        "User": "admin",
        "Encoding": "utf-8"
      }
    }
  ],
  "OnlyAllowPresetRemotes": false
}

Push Your Repository to GitHub

Commit and push your Dockerfile and optional configuration.

Create a New Project on Klutch.sh

Navigate to the Klutch.sh dashboard and create a new project.

Create a New App

Within your project, create a new app and connect your GitHub repository.

Configure HTTP Traffic

In the deployment settings:

Select HTTP as the traffic type
Set the internal port to 8182

Set Environment Variables

Configure the following environment variables:

Variable	Value
`SSHWIFTY_SHAREDKEY`	A secret key to access the interface (optional)
`SSHWIFTY_DIALTIMEOUT`	Connection timeout in seconds (default: 10)

Deploy Your Application

Click Deploy to build and start Sshwifty.

Access Sshwifty

Once deployment completes, access Sshwifty at https://your-app-name.klutch.sh.

Using Sshwifty

Connecting to a Server

Navigate to your Sshwifty URL
If configured, enter the shared key
Click Connect
Select SSH or Telnet
Enter server address and port
Provide authentication credentials
Connect and use the terminal

SSH Authentication Methods

Method	Description
Password	Simple password authentication
Key-based	Paste private key content directly
Keyboard-interactive	Multi-factor or challenge-response

Using Connection Presets

If presets are configured:

Open the connection dialog
Select from predefined servers
Enter only the required credentials
Connect quickly to frequent destinations

Multiple Sessions

Open multiple terminal sessions:

Click the + button to add a new session
Switch between sessions using tabs
Close sessions when finished

Terminal Features

Full keyboard support
Copy with selection, paste with right-click or Ctrl+V
Resize terminal with window
Scroll back through history

Configuration Options

Environment Variables

Variable	Description
`SSHWIFTY_SHAREDKEY`	Access key for the web interface
`SSHWIFTY_DIALTIMEOUT`	Connection timeout in seconds
`SSHWIFTY_SOCKS5`	SOCKS5 proxy address
`SSHWIFTY_SOCKS5USER`	SOCKS5 proxy username
`SSHWIFTY_SOCKS5PASSWORD`	SOCKS5 proxy password
`SSHWIFTY_PRESETS`	JSON array of connection presets
`SSHWIFTY_ONLYALLOWPRESETREMOTES`	Restrict to preset connections only

Security Settings

For production deployments:

Set a strong SSHWIFTY_SHAREDKEY to restrict access
Consider using SSHWIFTY_ONLYALLOWPRESETREMOTES to limit destinations
Monitor access logs for unauthorized attempts

Preset Configuration

Define presets through environment variable:

[
  {
    "Title": "Web Server",
    "Type": "SSH",
    "Host": "web.example.com:22",
    "Meta": {
      "User": "deploy"
    }
  },
  {
    "Title": "Database Server",
    "Type": "SSH",
    "Host": "db.example.com:22",
    "Meta": {
      "User": "admin"
    }
  }
]

Security Considerations

Access Control

Always set a shared key in production
Use strong, unique shared keys
Consider IP allowlisting if possible
Monitor access logs

Network Security

Sshwifty connects from its deployment location
Ensure target servers accept connections from Klutch.sh
All browser-to-Sshwifty traffic is encrypted via HTTPS
SSH traffic to servers uses standard SSH encryption

Credential Handling

Credentials are not stored by Sshwifty
Each session requires re-authentication
Private keys are held in memory only during session

Troubleshooting

Cannot Connect to Server

Verify server address and port are correct
Check that the server is accessible from Klutch.sh
Ensure SSH port is not blocked by firewall
Test with timeout adjustments

Connection Drops

Increase timeout values
Check for network stability issues
Verify server-side timeout settings

Authentication Failed

Verify credentials are correct
Check authentication method is supported
For key authentication, ensure key format is correct

Shared Key Not Working

Ensure key matches exactly (case-sensitive)
Check for extra spaces or characters
Verify environment variable is set correctly

Additional Resources

Conclusion

Deploying Sshwifty on Klutch.sh gives you a secure, web-based gateway to your SSH and Telnet servers. Access your servers from any device with a web browser, bypass restrictive networks that block SSH, and eliminate the need for client software installation. With automatic HTTPS encryption and flexible authentication options, Sshwifty on Klutch.sh provides convenient yet secure terminal access.