├── .github └── workflows │ └── image.yml ├── README.md ├── centos ├── Dockerfile └── assets │ └── entrypoint.sh ├── fedora ├── Dockerfile └── assets │ └── entrypoint.sh ├── latest └── ubuntu ├── Dockerfile └── assets └── entrypoint.sh /.github/workflows/image.yml: -------------------------------------------------------------------------------- 1 | name: Build and Push the shellinabox Container Images 2 | on: 3 | push: 4 | branches: 5 | - main 6 | workflow_dispatch: {} 7 | schedule: 8 | - cron: '00 03 * * 0' 9 | 10 | jobs: 11 | image: 12 | runs-on: ubuntu-latest 13 | strategy: 14 | fail-fast: false 15 | matrix: 16 | os: 17 | - latest 18 | - ubuntu 19 | - centos 20 | - fedora 21 | steps: 22 | - name: Checkout Repository 23 | uses: actions/checkout@v3 24 | - name: Setup QEMU 25 | uses: docker/setup-qemu-action@v2 26 | - name: Setup Builder 27 | uses: docker/setup-buildx-action@v2 28 | - name: Login to GitHub Container Registry 29 | uses: docker/login-action@v2 30 | with: 31 | registry: ghcr.io 32 | username: ${{ github.actor }} 33 | password: ${{ secrets.GITHUB_TOKEN }} 34 | - name: Login to Docker Container Registry 35 | uses: docker/login-action@v2 36 | with: 37 | registry: docker.io 38 | username: ${{ secrets.DOCKER_USERNAME }} 39 | password: ${{ secrets.DOCKER_PASSWORD }} 40 | - name: Build and Push Container Image 41 | uses: docker/build-push-action@v3 42 | with: 43 | platforms: linux/amd64,linux/arm64 44 | context: ./${{ matrix.os }}/ 45 | pull: true 46 | push: true 47 | tags: | 48 | ghcr.io/sspreitzer/shellinabox-container-image:${{ matrix.os }} 49 | docker.io/sspreitzer/shellinabox:${{ matrix.os }} 50 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Table Of Contents 2 | 3 | - [Introduction](#introduction) 4 | - [Version](#version) 5 | - [Usage](#usage) 6 | - [Pull The Image](#pull-the-image) 7 | - [Run The Image](#run-the-image) 8 | - [Configuration](#configuration) 9 | - [Available Configuration Parameters](#available-configuration-parameters) 10 | - [References](#references) 11 | 12 | # Introduction 13 | 14 | Dockerfile to build a shellinabox container image. 15 | 16 | # Version 17 | 18 | Current Version: **2.20** 19 | 20 | # Usage 21 | 22 | ## Pull The Image 23 | 24 | Pull the latest image, which is *HEAD* of the git repository. 25 | 26 | ```bash 27 | docker pull sspreitzer/shellinabox:latest 28 | ``` 29 | 30 | ## Run The Image 31 | 32 | For example. 33 | 34 | ```bash 35 | docker run -p 4200:4200 -e SIAB_PASSWORD=xyz678abc -e SIAB_SUDO=true sspreitzer/shellinabox:latest 36 | ``` 37 | 38 | # Configuration 39 | 40 | ## Available Configuration Parameters 41 | 42 | - **SIAB_USERCSS**: String of configured and enabled css extensions. Defaults to system default list. 43 | - **SIAB_PORT** The port where shellinabox should listen to. Defaults to 4200. 44 | - **SIAB_ADDUSER** Whether to create a default user. Defaults to true. 45 | - **SIAB_USER** The name of the user. Defaults to guest. 46 | - **SIAB_USERID** The numeric ID of the user. Defaults to 1000. 47 | - **SIAB_GROUP** The primary group of the user. Defaults to guest. 48 | - **SIAB_GROUPID** The numeric ID of the primary group of the user. Defaults to 1000. 49 | - **SIAB_PASSWORD** The password of the user. Defaults to an autogenerated password, printed out on stdout. 50 | - **SIAB_SHELL** The shell of the user. Defaults to /bin/bash. 51 | - **SIAB_HOME** The home directory of the user. Defaults to /home/guest. 52 | - **SIAB_SUDO** Whether to allow user to sudo. Defaults to false. 53 | - **SIAB_SSL** Whether to enable ssl and create certificates on request. Defaults to true. 54 | - **SIAB_SERVICE** Service strings to use for shellinabox, separated by whitespace. Defaults to local logins */:LOGIN*. 55 | - **SIAB_PKGS** Packages to be installed before shellinabox starts. Defaults to none. 56 | - **SIAB_SCRIPT** Script to download and run before shellinabox start. SSL verification is disabled. Defaults to none. 57 | 58 | # References 59 | 60 | * https://github.com/sameersbn/docker-gitlab/blob/master/README.md 61 | * https://github.com/spali/docker-shellinabox 62 | 63 | -------------------------------------------------------------------------------- /centos/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM centos:7 2 | 3 | ENV SIAB_USERCSS="Colors:+/usr/share/shellinabox/color.css,Normal:-/usr/share/shellinabox/white-on-black.css,Monochrome:-/usr/share/shellinabox/monochrome.css" \ 4 | SIAB_PORT=4200 \ 5 | SIAB_ADDUSER=true \ 6 | SIAB_USER=guest \ 7 | SIAB_USERID=1000 \ 8 | SIAB_GROUP=guest \ 9 | SIAB_GROUPID=1000 \ 10 | SIAB_PASSWORD=putsafepasswordhere \ 11 | SIAB_SHELL=/bin/bash \ 12 | SIAB_HOME=/home/guest \ 13 | SIAB_SUDO=false \ 14 | SIAB_SSL=true \ 15 | SIAB_SERVICE=/:LOGIN \ 16 | SIAB_PKGS=none \ 17 | SIAB_PKGS2=none \ 18 | SIAB_SCRIPT=none 19 | 20 | RUN yum install -y epel-release && \ 21 | yum install -y openssh-clients sudo shellinabox && \ 22 | yum clean all && \ 23 | rm -rf /var/cache/yum 24 | 25 | EXPOSE 4200 26 | 27 | ADD assets/entrypoint.sh /usr/local/sbin/ 28 | 29 | ENTRYPOINT ["entrypoint.sh"] 30 | CMD ["shellinabox"] 31 | -------------------------------------------------------------------------------- /centos/assets/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | hex() 6 | { 7 | openssl rand -hex 8 8 | } 9 | 10 | echo "Preparing container .." 11 | COMMAND="shellinaboxd --debug --no-beep --disable-peer-check -u shellinabox -g shellinabox -c /var/lib/shellinabox -p ${SIAB_PORT} --user-css ${SIAB_USERCSS}" 12 | 13 | if [ "$SIAB_PKGS" != "none" ]; then 14 | set +e 15 | yum install -y ${SIAB_PKGS} 16 | [[ "$SIAB_PKGS2" != "none" ]] && yum install -y $SIAB_PKGS2 17 | yum clean all 18 | set -e 19 | fi 20 | 21 | if [ "$SIAB_SSL" != "true" ]; then 22 | COMMAND+=" -t" 23 | fi 24 | 25 | if [ "${SIAB_ADDUSER}" == "true" ]; then 26 | sudo="" 27 | if [ "${SIAB_SUDO}" == "true" ]; then 28 | sudo="-G wheel" 29 | fi 30 | if [ -z "$(getent group ${SIAB_GROUP})" ]; then 31 | groupadd -g ${SIAB_GROUPID} ${SIAB_GROUP} 32 | fi 33 | if [ -z "$(getent passwd ${SIAB_USER})" ]; then 34 | useradd -u ${SIAB_USERID} -g ${SIAB_GROUPID} -s ${SIAB_SHELL} -d ${SIAB_HOME} -m ${sudo} ${SIAB_USER} 35 | if [ "${SIAB_PASSWORD}" == "putsafepasswordhere" ]; then 36 | SIAB_PASSWORD=$(hex) 37 | echo "Autogenerated password for user ${SIAB_USER}: ${SIAB_PASSWORD}" 38 | fi 39 | echo "${SIAB_USER}:${SIAB_PASSWORD}" | chpasswd 40 | unset SIAB_PASSWORD 41 | fi 42 | fi 43 | 44 | for service in ${SIAB_SERVICE}; do 45 | COMMAND+=" -s ${service}" 46 | done 47 | 48 | if [ "$SIAB_SCRIPT" != "none" ]; then 49 | set +e 50 | curl -s -k ${SIAB_SCRIPT} > /prep.sh 51 | chmod +x /prep.sh 52 | echo "Running ${SIAB_SCRIPT} .." 53 | /prep.sh 54 | set -e 55 | fi 56 | 57 | echo "Starting container .." 58 | if [ "$@" = "shellinabox" ]; then 59 | echo "Executing: ${COMMAND}" 60 | exec ${COMMAND} 61 | else 62 | echo "Not executing: ${COMMAND}" 63 | echo "Executing: ${@}" 64 | exec $@ 65 | fi 66 | -------------------------------------------------------------------------------- /fedora/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM fedora:latest 2 | 3 | ENV SIAB_USERCSS="Colors:+/usr/share/shellinabox/color.css,Normal:-/usr/share/shellinabox/white-on-black.css,Monochrome:-/usr/share/shellinabox/monochrome.css" \ 4 | SIAB_PORT=4200 \ 5 | SIAB_ADDUSER=true \ 6 | SIAB_USER=guest \ 7 | SIAB_USERID=1000 \ 8 | SIAB_GROUP=guest \ 9 | SIAB_GROUPID=1000 \ 10 | SIAB_PASSWORD=putsafepasswordhere \ 11 | SIAB_SHELL=/bin/bash \ 12 | SIAB_HOME=/home/guest \ 13 | SIAB_SUDO=false \ 14 | SIAB_SSL=true \ 15 | SIAB_SERVICE=/:LOGIN \ 16 | SIAB_PKGS=none \ 17 | SIAB_SCRIPT=none 18 | 19 | RUN dnf install -y openssh-clients sudo shellinabox && \ 20 | dnf clean -y all && \ 21 | rm -rf /var/cache/dnf 22 | 23 | EXPOSE 4200 24 | 25 | ADD assets/entrypoint.sh /usr/local/sbin/ 26 | 27 | ENTRYPOINT ["entrypoint.sh"] 28 | CMD ["shellinabox"] 29 | -------------------------------------------------------------------------------- /fedora/assets/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | hex() 6 | { 7 | openssl rand -hex 8 8 | } 9 | 10 | echo "Preparing container .." 11 | COMMAND="shellinaboxd --debug --no-beep --disable-peer-check -u shellinabox -g shellinabox -c /var/lib/shellinabox -p ${SIAB_PORT} --user-css ${SIAB_USERCSS}" 12 | 13 | if [ "$SIAB_PKGS" != "none" ]; then 14 | set +e 15 | dnf install -y ${SIAB_PKGS} 16 | dnf clean all 17 | set -e 18 | fi 19 | 20 | if [ "$SIAB_SSL" != "true" ]; then 21 | COMMAND+=" -t" 22 | fi 23 | 24 | if [ "${SIAB_ADDUSER}" == "true" ]; then 25 | sudo="" 26 | if [ "${SIAB_SUDO}" == "true" ]; then 27 | sudo="-G wheel" 28 | fi 29 | if [ -z "$(getent group ${SIAB_GROUP})" ]; then 30 | groupadd -g ${SIAB_GROUPID} ${SIAB_GROUP} 31 | fi 32 | if [ -z "$(getent passwd ${SIAB_USER})" ]; then 33 | useradd -u ${SIAB_USERID} -g ${SIAB_GROUPID} -s ${SIAB_SHELL} -d ${SIAB_HOME} -m ${sudo} ${SIAB_USER} 34 | if [ "${SIAB_PASSWORD}" == "putsafepasswordhere" ]; then 35 | SIAB_PASSWORD=$(hex) 36 | echo "Autogenerated password for user ${SIAB_USER}: ${SIAB_PASSWORD}" 37 | fi 38 | echo "${SIAB_USER}:${SIAB_PASSWORD}" | chpasswd 39 | unset SIAB_PASSWORD 40 | fi 41 | fi 42 | 43 | for service in ${SIAB_SERVICE}; do 44 | COMMAND+=" -s ${service}" 45 | done 46 | 47 | if [ "$SIAB_SCRIPT" != "none" ]; then 48 | set +e 49 | curl -s -k ${SIAB_SCRIPT} > /prep.sh 50 | chmod +x /prep.sh 51 | echo "Running ${SIAB_SCRIPT} .." 52 | /prep.sh 53 | set -e 54 | fi 55 | 56 | echo "Starting container .." 57 | if [ "$@" = "shellinabox" ]; then 58 | echo "Executing: ${COMMAND}" 59 | exec ${COMMAND} 60 | else 61 | echo "Not executing: ${COMMAND}" 62 | echo "Executing: ${@}" 63 | exec $@ 64 | fi 65 | -------------------------------------------------------------------------------- /latest: -------------------------------------------------------------------------------- 1 | ubuntu -------------------------------------------------------------------------------- /ubuntu/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:latest 2 | 3 | ENV SIAB_USERCSS="Normal:+/etc/shellinabox/options-enabled/00+Black-on-White.css,Reverse:-/etc/shellinabox/options-enabled/00_White-On-Black.css;Colors:+/etc/shellinabox/options-enabled/01+Color-Terminal.css,Monochrome:-/etc/shellinabox/options-enabled/01_Monochrome.css" \ 4 | SIAB_PORT=4200 \ 5 | SIAB_ADDUSER=true \ 6 | SIAB_USER=guest \ 7 | SIAB_USERID=1000 \ 8 | SIAB_GROUP=guest \ 9 | SIAB_GROUPID=1000 \ 10 | SIAB_PASSWORD=putsafepasswordhere \ 11 | SIAB_SHELL=/bin/bash \ 12 | SIAB_HOME=/home/guest \ 13 | SIAB_SUDO=false \ 14 | SIAB_SSL=true \ 15 | SIAB_SERVICE=/:LOGIN \ 16 | SIAB_PKGS=none \ 17 | SIAB_SCRIPT=none 18 | 19 | RUN apt-get update && apt-get install -y openssl curl openssh-client sudo shellinabox && \ 20 | apt-get clean && \ 21 | rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \ 22 | ln -sf '/etc/shellinabox/options-enabled/00+Black on White.css' \ 23 | /etc/shellinabox/options-enabled/00+Black-on-White.css && \ 24 | ln -sf '/etc/shellinabox/options-enabled/00_White On Black.css' \ 25 | /etc/shellinabox/options-enabled/00_White-On-Black.css && \ 26 | ln -sf '/etc/shellinabox/options-enabled/01+Color Terminal.css' \ 27 | /etc/shellinabox/options-enabled/01+Color-Terminal.css 28 | 29 | EXPOSE 4200 30 | 31 | VOLUME /etc/shellinabox /var/log/supervisor /home 32 | 33 | ADD assets/entrypoint.sh /usr/local/sbin/ 34 | 35 | ENTRYPOINT ["entrypoint.sh"] 36 | CMD ["shellinabox"] 37 | -------------------------------------------------------------------------------- /ubuntu/assets/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | hex() 6 | { 7 | openssl rand -hex 8 8 | } 9 | 10 | echo "Preparing container .." 11 | COMMAND="/usr/bin/shellinaboxd --debug --no-beep --disable-peer-check -u shellinabox -g shellinabox -c /var/lib/shellinabox -p ${SIAB_PORT} --user-css ${SIAB_USERCSS}" 12 | 13 | if [ "$SIAB_PKGS" != "none" ]; then 14 | set +e 15 | /usr/bin/apt-get update 16 | /usr/bin/apt-get install -y $SIAB_PKGS 17 | /usr/bin/apt-get clean 18 | /bin/rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 19 | set -e 20 | fi 21 | 22 | if [ "$SIAB_SSL" != "true" ]; then 23 | COMMAND+=" -t" 24 | fi 25 | 26 | if [ "${SIAB_ADDUSER}" == "true" ]; then 27 | sudo="" 28 | if [ "${SIAB_SUDO}" == "true" ]; then 29 | sudo="-G sudo" 30 | fi 31 | if [ -z "$(getent group ${SIAB_GROUP})" ]; then 32 | /usr/sbin/groupadd -g ${SIAB_GROUPID} ${SIAB_GROUP} 33 | fi 34 | if [ -z "$(getent passwd ${SIAB_USER})" ]; then 35 | /usr/sbin/useradd -u ${SIAB_USERID} -g ${SIAB_GROUPID} -s ${SIAB_SHELL} -d ${SIAB_HOME} -m ${sudo} ${SIAB_USER} 36 | if [ "${SIAB_PASSWORD}" == "putsafepasswordhere" ]; then 37 | SIAB_PASSWORD=$(hex) 38 | echo "Autogenerated password for user ${SIAB_USER}: ${SIAB_PASSWORD}" 39 | fi 40 | echo "${SIAB_USER}:${SIAB_PASSWORD}" | /usr/sbin/chpasswd 41 | unset SIAB_PASSWORD 42 | fi 43 | fi 44 | 45 | for service in ${SIAB_SERVICE}; do 46 | COMMAND+=" -s ${service}" 47 | done 48 | 49 | if [ "$SIAB_SCRIPT" != "none" ]; then 50 | set +e 51 | /usr/bin/curl -s -k ${SIAB_SCRIPT} > /prep.sh 52 | chmod +x /prep.sh 53 | echo "Running ${SIAB_SCRIPT} .." 54 | /prep.sh 55 | set -e 56 | fi 57 | 58 | echo "Starting container .." 59 | if [ "$@" = "shellinabox" ]; then 60 | echo "Executing: ${COMMAND}" 61 | exec ${COMMAND} 62 | else 63 | echo "Not executing: ${COMMAND}" 64 | echo "Executing: ${@}" 65 | exec $@ 66 | fi 67 | --------------------------------------------------------------------------------