Ad Widget

**prostrelov** · 14-08-2012, 13:16

[2012#08#16]
Done it !

ssh.sh - no SSL. Totally unsecure.

Code:

#!/bin/bash

function connect {
shellinaboxd --cgi -t -s /:SSH:$parms
}

parms=$QUERY_STRING
connect

telnet.sh - no SSL. Totally unsecure.

Code:

#!/bin/bash

#address in url must be in this syntax
#<aaa.bbb.ccc.ddd>:<port>

function connect {
shellinaboxd --cgi -t -s /:$(id -u):$(id -g):HOME:"telnet $telnet_address $telnet_port"
}

parms=$QUERY_STRING
telnet_address=`echo $parms|awk -F":" '{ print$1 }'`
telnet_port=`echo $parms|awk -F":" '{ print$2 }'`

connect

But i don't understand this "/:$(id -u):$(id -g)"
Didn't find this in shellinabox man.

**sersad** · 22-09-2013, 21:44

in version 2.0
SSH shellinabox
VNC guacamole

scripts_exec.php

PHP Code:


.....

if (isset($_REQUEST['execute'])) {

    $scriptid = get_request('scriptid');

    $hostid = get_request('hostid');



//VNC connect

if ($_REQUEST['scriptid']==5)

{

        $ip = array(

                'message' => '',

                'info' => DBfetch(DBselect('SELECT interface.ip FROM interface,hosts WHERE hosts.hostid=interface.hostid AND interface.main =1 AND hosts.hostid='.$hostid))

        );

    $code = array_shift( $ip['info'] );

    header('Location: http://<servername>:8080/guacamole/client.xhtml?id='.$code);

}

//END VNC code 



///SSH Connect

if ($_REQUEST['scriptid']==4)

{

        $ip = array(

                'message' => '',

                'info' => DBfetch(DBselect('SELECT interface.ip FROM interface,hosts WHERE hosts.hostid=interface.hostid AND interface.main =1 AND hosts.hostid='.$hostid))

        );

    $code = array_shift( $ip['info'] );

    header('Location: http://<servername>/cgi-bin/ssh.sh?'.$code);

}

///END SSH

....

SSH no SSL (

Attached Files

**sersad** · 22-09-2013, 21:49

Telnet shellinabox

PHP Code:


///Telnet Connect

if ($_REQUEST['scriptid']==8)

{

        $ip = array(

                'message' => '',

                'info' => DBfetch(DBselect('SELECT interface.ip FROM interface,hosts WHERE hosts.hostid=interface.hostid AND interface.main =1 AND hosts.hostid='.$hostid))

        );

    $code = array_shift( $ip['info'] );

    header('Location: http://<servername>/cgi-bin/telnet.sh?'.$code);

}

///END Telnet

**BAKMAH** · 24-02-2014, 11:52

Can anyone help with zabbix 2.2 scripts_exec.php modification?
Works well @ 2.0 , but on 2.2 - failed with my php skills.
Thanx

**stevenyu** · 19-03-2015, 22:08

Anyone had any success with 2.4, the php acton page seems to be quite different to the previous version, and the script execution seems to be done within thr API...

**globe** · 29-06-2016, 14:28

ported to zabbix 3.0?

did anybody port it to Zabbix 3.0?

**sgalliani** · 07-11-2016, 16:04

Yup wondering the same thing, this would be an excellent feature to have onboard

**sgalliani** · 07-11-2016, 16:06

Originally posted by skygge

Hi all,

I want to tell you how to connect to hosts over SSH using context menu in Zabbix dashboard page.
I really missed this feature so I made it single-handedly.

As you know, scripts are executed on server side, there's no way to run "putty" on your PC that way.

I used SSH java applet "MindTerm" which I installed on Zabbix PHP front-end server, here is download link:

Zero Trust Network Access & Fraud Protection Solutions

http://www.appgate.com/index/products/mindterm

Appgate offers comprehensive cybersecurity solutions, specializing in Universal Zero Trust Network Access (ZTNA) and advanced fraud protection to secure…

Download this applet and unpack to directory on server where is your Zabbix PHP front-end located.
In my example it is /var/www/html/zabbix/mindterm

After downloading and extracting, you must sign your applet with certificate.
Proper tools are provided with Java JDK package.

Here's the procedure:

Generate key:

Code:

keytool -genkey -keyalg rsa -alias testkey

Export key:

Code:

keytool -export -alias testkey -file testcert.crt

Check JAR file:

Code:

jar tvf mindterm.jar

Sign JAR file:

Code:

jarsigner mindterm.jar testkey

Verify sign:

Code:

jarsigner -verify -verbose -certs mindterm.jar

So, we have signed SSH applet.
How to use it?

First, create a script in Zabix Administration panel.
The script doesn't need to do anything, you may use command that does nothing,
eg.: /bin/echo "Hello world!" > /dev/null

In my example I created (for testing) a little bash script that does nothing:

And the script itself (/home/zabbix/bin/test):

Code:

#!/bin/sh
exit 0

We need the Zabbix "scriptid", you can find it in your browser status bar when you hover your script name on the list.

It looks like this. My sriptid=6, as you can see:

Then we need to modify Zabbix page "scripts_exec.php" in main directory of Zabbix PHP front-end.

The concept:
I want to run java applet in result message window, when I click "SSH Connect" in dashboard context menu, with specified destination host IP passed by applet parameter, without typing IP by hand.
So we need to know IP of chosen host, and our scriptid.

The modified file "scripts_exec.php" is attached to this post.
You can replace this file (backup the old one first), changing scriptid and path to applet .jar file only.
That's all.

How it works?

Do you like it?

Final words:
Remember, although applet is located on server, it runs on your desktop, so you need access to hosts you want connect to.
I always need to connect to my VPN server when I'm out of office before I use this tool to connect to servers inside my company network.
Of course your browser must support JAVA.

If you want to use this feature in IE, you will need "mindterm_ie.cab" file,
which is NOT included in MindTerm applet archive.
But it's easy to find it with google, just up to 5 min. searching.

In the same way you can add more features, eg. "VNC view" using this applet:

Download TightVNC

http://www.tightvnc.com/download.html

TightVNC - VNC-Compatible Remote Desktop Software

Any comments welcomed.
Environment used in this example: Zabbix 1.6.4 on Linux server

Have fun!
Skygge.

PS. This is my first post here. Sorry 4 my bad english. Zabbix is great!

Hello, have you manage to see if this works with Zabbix 3?

**nvv4421** · 10-11-2016, 11:38

Originally posted by sgalliani

Hello, have you manage to see if this works with Zabbix 3?

It managed to sell ??

**sgalliani** · 10-11-2016, 16:08

Originally posted by nvv4421

It managed to sell ??

sell it?, no was just asking if anyone had an updated procedure as i'm not sure the first one posted would work,
Sort of a beginner in Zabbix so not sure how to adapt the script to the new one

**flaporta** · 07-03-2017, 14:33

Mindterm.jar with Zabbix 3.0.7

This is how I am doing it. Follow the directions at the top of this thread to download and sign the mindterm.jar file.

my setup has three Zabbix server. One frontend with the website, One running Zabbix server and One running mysql database.

Create a bash script. I called it myterm.sh. The contents are below but I changed the IP addresses for obvious reasons. You need to change IP addresses as well for them to work in your environment. The script contains comments that should help you complete the setup.

#!/bin/bash

# Obtain your workstation IP address from apache access list. Zabbix user will need read access to that log file. I use passwordless ssh keys for zabbix user to connect from zabbix server to zabbix front-end server and retrieve IP address of my workstation. This is the only way I could think of to get my workstation IP and it works 95 percent of the time for me as not many folks connect to Zabbix frontend besides me.

IP=`ssh 10.74.2.93 /bin/tail -5 /var/log/httpd/access_log| /bin/egrep "10.76.23|10.76.19|10.76.24" | /bin/awk -F " " '{print $1}' |uniq`

#export your display.

export DISPLAY=$IP:0.0
/bin/xhost +

# start mindterm.jar file and options wanted.

/bin/java -jar /var/lib/zabbix/mindterm/mindterm.jar -server $1 -x11fwd true -bg-color black -fg-color white -font-size 14 -font-name "Courier 10 Pitch" -save-lines 8192 -protocol ssh2

#### in Zabbix 3.0 create the dashboard script to point to this bash script. example command window: /var/lib/zabbix/mindterm/myterm.sh {HOST.CONN} 2>&1

## You will need to install Xming on your workstation and start Xming server. Also you will need to add your zabbix server's IP address to Xming XO.hosts file.

**hemh** · 15-03-2024, 18:28

It is a very interesting feature, such a shame it has not been added natively to Zabbix, coupled to the capacity monitoring dasboard has a contextual script, it would be awesome! https://www.zabbix.com/forum/zabbix-...onitoring-tool

Are you guys still using it on 6.4 version?

**cyber** · 18-03-2024, 15:31

Originally posted by hemh

Are you guys still using it on 6.4 version?

Did you look on the date of a last post, before waking it up from slumber..

last mentioned version vas 3.0....

Ad Widget

"SSH Connect" in Dashboard context menu - HOWTO

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment