#GoTTY - Share your terminal as a web application
GoTTY Fork from https://github.com/yudai/gotty.git. A simple command line tool that turns your CLI tools into web applications.
Download the latest binary file from the Releases page.
(darwin_amd64.tar.gz
is for Mac OS X users)
sudo mkdir -p /var/lib/gotty
sudo ./gotty deamon
#open the url with an browser
#http://127.0.0.1:8080/demo
#get source
$go get github.com/yubo/gotty
$cd $GOPATH/src/github.com/yubo/gotty
#build prepare
$make tools
#build gotty
$make
#run
$make run
Usage: ./gotty [OPTIONS] COMMAND [arg...]
Usage: ./gotty [OPTIONS] COMMAND [arg...]
./gotty [OPTIONS] URL
Options:
-D debug
-alsologtostderr
log to standard error as well as files
-c string
Config file path (default "/etc/gotty/gotty.conf")
-h Print usage
-log_backtrace_at value
when logging hits line file:N, emit a stack trace (default :0)
-log_dir string
If non-empty, write log files in this directory
-logtostderr
log to standard error instead of files
-skip-tls-verify
Skip TLS verify
-stderrthreshold value
logs at or above this threshold go to stderr
-v value
log level for V logs
-vmodule value
comma-separated list of pattern=N settings for file-filtered logging
Commands:
daemon Enable daemon mode
exec Run a command in a new pty
ps List session
attach Attach to a seesion
close Close a pty/session
play replay recorded file in a webtty
convert convert seesion id to asciicast format(json)
version Show the gotty version information
$gotty deamon
# or
$sudo service gotty start
### /etc/gotty/gotty.conf
// Listen at port 9000 by default
port = "9000"
// Enable TSL/SSL by default
//enable_tls = true
// hterm preferences
// Smaller font and a little bit bluer background color
preferences {
font_size = 14
font_family = "Consolas, 'Liberation Mono', Menlo, Courier, monospace"
background_color = "rgb(16, 16, 32)"
}
Server side
#just allow 127.0.0.1 access
$gotty exec -name abc -w -addr 127.0.0.1 /bin/bash
#open access
$gotty exec -name abc -addr 0.0.0.0/0 top
#allow 127.0.0.0/8, 172.16.0.0/16 to access the tty, but can't write(allow with -a)
$gotty exec -w -share -name abc -addr=127.0.0.0/8,172.16.0.0/16 /bin/bash
Client side
$gotty "http://127.0.0.1:9000/?name=abc&addr=0.0.0.0/0"
Server side
$gotty attach -name bbb -sname abc -w
Client side
#Open the URL on Web browser
http://127.0.0.1:9000/?name=bbb&addr=0.0.0.0/0
# or
$gotty "http://127.0.0.1:9000/?name=bbb&addr=0.0.0.0/0"
# add -rec to record session
$gotty exec -name abc -w -rec -addr 127.0.0.0/8 /bin/bash
exec successful, name:"abc" addr:"127.0.0.0/8" recid:"535086102"
# replay
$gotty play -name=abc -speed=2.0 -addr=127.0.0.0/8 -id=535086102
play successful, name:"abc" addr:"127.0.0.0/8" recid:"535086102"
# Open http://127.0.0.1:9000/?name=abc&addr=127.0.0.0/8
$gotty ps -a
$gotty convert -i 535086102 -o out.json
#Close all session use the same pty(name:abc,addr:0.0.0.0)
$gotty close -a -name abc
#Just close a session
$gotty close -name abc
By default, GoTTY doesn't allow clients to send any keystrokes or commands except terminal window resizing. When you want to permit clients to write input to the TTY, add the -w
option. However, accepting input from remote clients is dangerous for most commands. When you need interaction with the TTY for some reasons, consider starting GoTTY with tmux or GNU Screen and run your command on it (see "Sharing with Multiple Clients" section for detail).
To restrict client access, you can use the -c
option to enable the basic authentication. With this option, clients need to input the specified username and password to connect to the GoTTY server. Note that the credentical will be transmitted between the server and clients in plain text. For more strict authentication, consider the SSL/TLS client certificate authentication described below.
The -r
option is a little bit casualer way to restrict access. With this option, GoTTY generates a random URL so that only people who know the URL can get access to the server.
All traffic between the server and clients are NOT encrypted by default. When you send secret information through GoTTY, we strongly recommend you use the -t
option which enables TLS/SSL on the session. By default, GoTTY loads the crt and key files placed at ~/.gotty.crt
and ~/.gotty.key
. You can overwrite these file paths with the --tls-crt
and --tls-key
options. When you need to generate a self-signed certification file, you can use the openssl
command.
openssl req -x509 -nodes -days 9999 -newkey rsa:2048 -keyout ~/.gotty.key -out ~/.gotty.crt
(NOTE: For Safari uses, see how to enable self-signed certificates for WebSockets when use self-signed certificates)
For additional security, you can use the SSL/TLS client certificate authentication by providing a CA certificate file to the --tls-ca-crt
option (this option requires the -t
or --tls
to be set). This option requires all clients to send valid client certificates that are signed by the specified certification authority.
$ gotty -w docker run -it --rm busybox
You can build a binary using the following commands. Windows is not supported now.
# Install tools
go get github.com/jteeuwen/go-bindata/...
go get github.com/tools/godep
# Restore libraries in Godeps
godep restore
# Build
make
- gotty-client: If you want to connect to GoTTY server from your terminal
- Secure Shell (Chrome App): If you are a chrome user and need a "real" SSH client on your web browser, perhaps the Secure Shell app is what you want
- Wetty: Node based web terminal (SSH/login)
- tmate: Forked-Tmux based Terminal-Terminal sharing
- termshare: Terminal-Terminal sharing through a HTTP server
- tmux: Tmux itself also supports TTY sharing through SSH)
The MIT License