Get Instant Secure Terminal Access to Any Machine Without Keys Or Passwords
Apr 12, 2024•5 min read
In the world of high-performance computing, efficiently accessing remote machines and a terminal is crucial for developers. The traditional approach here is to setup SSH and all the cloud VMs comes with SSH built in. However, it comes with challenges too, remembering the password or managing SSH keys etc. It become more challenging if multiple users are involved or if its not a cloud machine at all, instead a computer in the private network, like office or home. Setting up port forwarding or using a reverse tunneling tool and having multiple user accounts configured can be time-consuming. Almost always we end up sharing of SSH keys or managing public key exchanges. These methods, while secure, demand substantial setup efforts, including generating and distributing SSH keys, configuring port forwarding rules, and specifying detailed SSH commands for secure tunneling. Localportal aims to simplify this process by introducing browser-based terminal app, leveraging reverse tunneling to establish secure connections and streamline remote access and collaboration.
Why Terminal On The Browser Is A Good Idea?
Traditional and most trusted way of accessing a remote machine is SSH from your local terminal. It is often the better choice, until it isn't. SSH can be passwordless and more secure in a way, as it uses the tool you are comfortable with and feels local. Many tools, like VScode, use SSH for remote connection. Even browser-based terminals like cloud-shell use SSH to connect from their intermediary server to the actual VM (the user interface is still on the browser, but then the intermediary server that gets the user request terminates HTTP and then uses SSH from there onwards to connect to the end server). However, there are some disadvantages to using SSH as your channel to connect to remote machines, especially to local machines in private network because of the need for SSH local dynamic port forwarding or SSHing to local port or figuring out how to port forwarding for WSL if you are in Windows.
The disadvantages of relying solely on a native terminal-based SSH include:
- The need to always have your machine with you. You can't connect from your phone or tablet while on the go, although this limitation is often considered a security feature.
- Sharing the machine with colleagues can be cumbersome, especially if you have several machines that require collaborative access. At my previous company, for example, we had several GPU machines scattered around our office that all of us needed access to.
- Revoking access means you need to physically access the machine to remove the SSH private key. If you were sharing the same key, everyone would need to start using a new key.
What if we could create a browser-based terminal that goes over HTTP and is secure, while also addressing the issues mentioned above? This is what Localportal aims to solve. When you connect your machine to Localportal, we provide you with a unique URL to your (pseudo) desktop that includes the terminal app. Every single request to your machine, whether it's local or in the cloud, goes through our zero-trust interface servers and is verified with RBAC rules you have configured. This means you can access a terminal instantly, whenever you want, from any device—a laptop, tablet, phone, or even a watch screen. You can easily add or revoke access directly from the desktop, and enjoy other applications available on the desktop and in the curated app store. Let's take a look at how to achieve this step by step in the next section.
Get Instant Terminal With Localportal
Getting started with Localportal is only a two step process. Install the CLI and then connect to the server usng the command. Once you are connected, you have the URL to (pseudo) desktop which leads to the desktop we experience we have crafted for you on the browser.
On the desktop, you should find the Terminal app that opens a terminal window. The desktop and the interaction with the terminal should give you the feel of a native desktop, and you can open multiple apps together as well. Right-clicking on the Terminal app gives you the ability to open multiple instances of the terminal.
Note that this desktop view is secured by RBAC rules, and only you or those you have given access to are able to open the desktop or the terminal.
The terminal you get is a pseudo tty that functions over HTTP rather than SSH. That being said, it functions exactly like a native terminal you'd find on your local machine and is extremely fast (thanks to our own smart routing) such that you feel it's native.
Conclusion
We created Localportal to address the challenges we faced with remote access, particularly when dealing with machines in private networks and cloud VMs. Although cloud machines offer solutions like cloud shell, managing access to different machines can be cumbersome and frustrating. As developers, one of the core tools we rely on when accessing remote machines is the terminal/shell itself. However, existing reverse tunneling solutions often fail to provide secure and convenient terminal access. Localportal aims to bridge this gap by allowing you to transform all your machines, whether local or cloud-based, into Localportal instances. By bringing them together in a single dashboard, you can instantly obtain the fastest, fully functional, and easily shareable terminal access to any machine from any device. With Localportal, we strive to simplify remote access management and enhance the developer experience, ensuring that you can focus on your work without the hassle of managing multiple access methods.