GATEONE
########
8/15/2013
WHAT IS IT?
###########
Amazing html5 web based ssh client, keeps bookmarks, saves keys and sessions, its secure and you can record, also it can load images and do graphs and much more
Check out the video here: http://liftoffsoftware.com/Products/GateOne
All of the docs: http://liftoff.github.io/GateOne/
TO GET
#####
With browser go here
https://github.com/liftoff/GateOne/downloads
Right click get the link for debian gateone deb file: https://github.com/downloads/liftoff/GateOne/gateone_1.1-1_all.deb
Also get the link for tornado: https://github.com/downloads/liftoff/GateOne/python-tornado_2.4-1_all.deb
===LOG IN AS ROOT:===
sudo -i
or
su
===INSTALL THE DEPENDENCIES FIRST:===
apt-get -y install python-tornado
apt-get -y install python-pip
apt-get -y install dtach
apt-get -y install python-pyopenssl
apt-get -y install python-kerberos
apt-get -y install python-dev
apt-get -y install git
apt-get -y install build-essential
Check Pre reqs:
Requirement Version
Python 2.6+ or 3.2+
Tornado Framework 2.2+
python -V Python
answer should be above 2.6 or 3.2
python -c “import tornado; print(tornado.version)”
answer should be above 2.2
===DOWNLOAD AND INSTALL GATEONE===
Pick one method
===DOWNLOAD THE STUFF – METHOD 1:===
cd ~
wget https://github.com/downloads/liftoff/GateOne/gateone_1.1-1_all.deb
wget https://github.com/downloads/liftoff/GateOne/python-tornado_2.4-1_all.deb # <– might not need that if already have pythong-tornado
dpkg -i gateone*deb
dpkg -i python*tornado*deb # <— might not need that if already have python-tornado
===DOWNLOAD THE STUFF – METHOD 2:===
git clone https://github.com/liftoff/GateOne.git
cd GateOne
./setup.py install
* As I am not sure if this method gets the /etc/init.d/gateone file – since I didnt do this one – I will include it @ the bottom — I just looked at the code in setup.py and it looks like it does take care of the init scripts smartly for each type of os (specifically debian and redhat and gentoo, for other flavors manual work or forums or google searchs can be friends)
===RUNNING THE APP===
This installation will make a gateone start file in /etc/init.d/gateone (if not there is a copy @ the bottom of this article). That is not how we will first start this.
First go to the install dir.
cd /opt/gateone
We need to configure gateone – but the config file isnt there until we start the app. So start and stop it. The next times it runs gateone will look at the config file as it will exist
./gateone.py
Then stop it right after you see that it stabilizes with messages using CONTROL-C – not you might have some errors ignore em for now – anyhow while its stabilizing it wrote the certificate.pem file and also your server.conf file which we will edit.
You can also do command line options instead of start and stop using ./gateone.py –help and each option translates to a directive in the config file.
===SERVER.CONF====
Edit the server.conf
vi /opt/gateone/server.conf
(part1 – auth)
If you want google auth change the following (each auth option is described here in detail: http://liftoff.github.io/GateOne/Developer/auth.html ):
Change this:
auth = “none”
To this:
auth = “google”
Then next time you log in it will save your settings using your google auth stuff 🙂 its awesome
(part2 – origins)
Final config change:
So the origins line is very important
By default its:
origins = “http://localhost;https://localhost;http://127.0.0.1;https://127.0.0.1;https://localhost;https://ecdebi7;https://127.0.0.1”
But I will be accessing gateone without any of those names, I will be accessing it with https://gateone.infotinks.com – so I add it to the end
Then my origins line will look like this:
origins = “http://localhost;https://localhost;http://127.0.0.1;https://127.0.0.1;https://localhost;https://ecdebi7;https://127.0.0.1;https://gateone.infotinks.com”
Also if in the case I was accessing it via a different port (still using the https protocol though) like for example https://gateone.infotinks.com:5432
Then my origins line will look like this:
origins = “http://localhost;https://localhost;http://127.0.0.1;https://127.0.0.1;https://localhost;https://ecdebi7;https://127.0.0.1;https://gateone.infotinks.com:5432”
===TEST TRY===
cd /opt/gateone
./gateone.py
Messages will show up which are good.
Log in with browser to https://gateone.infotinks.com:5432 or from local https://localhost:5234 (note if you got the origins line wrong an error message will appear and tell you actually what to append in to make it work)
Look through the messages if you encounter errors usually its because something is missing so install it with apt-get or aptitude, on other errors just google em, and some errors you can ignore.
Watch the messages you get as you log in and log out
===FINAL SETUP: start on boot and shut on halt/reboot===
The long adventure is because update-rd.d gave some issues at first because the /etc/init.d/gateone had wrong runlevel values for the default-start and default-stop. Finally after fixing that it still gave me the wrong issue, where the start scripts kept coming up first. If that didnt make sense dont worry about it, just read either the short or the long or both.
===FINAL SETUP: start on boot and shut on halt/reboot – SHORT===
In my system I need to find out what runlevels correspond to booting up (thus starting gateone) or shutting down/ rebooting (turning off gateone). When we shutdown/reboot we should kill gateone before all the other apps, and when we boot up gateone should come up laste (after things like internet connection etc)
cat /etc/inittab
There is a section like this:
# Runlevel 0 is halt. (make these into KILL scripts K)
# Runlevel 1 is single-user. (make these into KILL scripts K – why single user is kill is because this is like a safemode only certain select things start in this mode because its safe mode)
# Runlevels 2-5 are multi-user. (make these into START scripts S)
# Runlevel 6 is reboot. (make these into KILL scripts K)
I added in the parenthesis but basically we need the following
Runlevel 0: K
Runlevel 1: K
Runlevel 2-5: S
Runlevel 6: K
I need to make sure I pick good numbers for that so get tree really quick so I can show off that app.
apt-get install tree
tree /etc/rc*
Notice most of the S are from 1 to 14 and most of the K are from 1 to 8. Since we want to be among the first with K (stoping/killing gateone) I will pick 1, if another app has that as well its okay it will do it alphabetically after numerical order.
For Starting I will pick 20 as that number is way past anything else starting up, so it will def start last.
Remeber the symbolic link notation is “ln -s <file with data> <new shortcut to make a.k.a the new symlink>”
ln -s /etc/init.d/gateone /etc/rc0.d/K01gateone
ln -s /etc/init.d/gateone /etc/rc1.d/K01gateone
ln -s /etc/init.d/gateone /etc/rc2.d/S20gateone
ln -s /etc/init.d/gateone /etc/rc3.d/S20gateone
ln -s /etc/init.d/gateone /etc/rc4.d/S20gateone
ln -s /etc/init.d/gateone /etc/rc5.d/S20gateone
ln -s /etc/init.d/gateone /etc/rc6.d/K01gateone
Confirm with:
tree /etc/rc*
ls -la /etc/{rc?.d,init.d,default}/*gateone
The end, now reboot and your good to go
reboot
By the way the update-rc.d program just automates what we just did about with the ln -s
===FINAL SETUP: start on boot and shut on halt/reboot – LONG ADVENTURE===
This next part you dont have to do if this tree command has output
First install tree so you can see what currently boots and shutdown in the /etc/rc scripts
apt-get install tree
tree /etc/rc* | egrep gate
If you just saw some output you can skip the rest and your done, just reboot your computer and make sure gateone loaded on boot – if it didnt then look back on this section
Well that was nice and all but lets make this thing start and close on boot. It made the /etc/init.d/ script called /etc/init.d/gateway with which i can start and stop the app. But it didnt put em in the associated runlevels
0 for when i shut the system down or halt, 6 for when I reboot, or 2 for when I boot normally
How do I know those numbers:
cat /etc/inittab
In there you will see the numbers
To see the current level which is 2 for debian if your booted normal mode:
runlevel
OUTPUT: N 2 <- the 2 means the current runlevel
So how do we make it load on start up shutdown on reboot/halt?
update-rc.d or manually do symlinks from each /etc/rc#.d directory
You want gateone to boot last and reboot first. OR be one of the last for boot and first for shutdown respectively.
tree /etc/rc*
In here you see the files that are start in numberical order with S and ended with K (also in numberical order)
I can see that most of my boot numbers(start up scripts) end at 14 (the ones starting with S) and all of the shutdown/reboot ones (kill scripts) start at 1 and end at 8
For booting up I will pick 20 as my last numbers are like 14.
So I will pick 1 for killing as I want to be one of the first(you can have several files be the same number they will just go by alphabetical order then)
update-rc.d gateone defaults 20 1
We get the warning:
update-rc.d: warning: default start runlevel arguments (2 3 4 5) do not match gateone Default-Start values (3 4 5)
update-rc.d: warning: default stop runlevel arguments (0 1 6) do not match gateone Default-Stop values (0 1 2 6)
Verify it put it correctly:
# tree /etc/rc* | egrep gate
|– K01gateone -> ../init.d/gateone
|– K01gateone -> ../init.d/gateone
|– K01gateone -> ../init.d/gateone
|– S01gateone -> ../init.d/gateone
|– S01gateone -> ../init.d/gateone
|– S01gateone -> ../init.d/gateone
|– K01gateone -> ../init.d/gateone
Here is a way to look without tree:
ls -la /etc/{rc?.d,init.d,default}/*gateone
For me it didnt do it right so you can remove em and try again – notice the K1 which right means it turns of among the first but S is also 1 I wanted it to be 20.
update-rc.d -f gateone remove
tree /etc/rc* | egrep gate
This now has no output as the symlinks were removed by update-rc.d remove
Lets examine the script /etc/init.d/gateway the very top lines that are commented out:
#!/bin/sh
### BEGIN INIT INFO
# Provides: gateone
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Short-Description: Starts and stops Gate One
### END INIT INFO
#
# Start/stops the Gate One daemon (gateone.py).
#
Notice in the gateone script the Default-Start is 3 4 5 and the Default-Stop is 0 1 2 6
Well my system disagrees with that layout because if you look at my /etc/inittab (the one that lays down the hammer in the system about which runlevel does what, so which ones should start and whichones should kill things)
There is this part in it
cat /etc/inittab
# Runlevel 0 is halt.
# Runlevel 1 is single-user.
# Runlevels 2-5 are multi-user.
# Runlevel 6 is reboot.
So in my case the stops (default stops) should be happening on the halt and the reboot so thats 0 and 6. And the starts (Default starts) should be happening at 1,2,3,4,5
Can we just erase those lines – the ones that say Default-Start and DEfault-Stop and hope it does it correctly? No I just tried without those lines there the update-rc.d program errors out
vi /etc/init.d/gateone
So we must manually change this:
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
To this (we count Single user and start and stop kill scripts for most apps – why single user? because its ment to be like a “safe mode”):
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
So this tells you that update-rc.d looks at the commented out lines at the top of the init scripts.
Even after changing that it didnt benefit the results – the errors went away but the numbers are the same:
ls -la /etc/{rc?.d,init.d,default}/*gateone
-rwxr-xr-x 1 root root 1971 Aug 16 07:15 /etc/init.d/gateone
lrwxrwxrwx 1 root root 17 Aug 16 07:15 /etc/rc0.d/K01gateone -> ../init.d
lrwxrwxrwx 1 root root 17 Aug 16 07:15 /etc/rc1.d/K01gateone -> ../init.d
lrwxrwxrwx 1 root root 17 Aug 16 07:15 /etc/rc2.d/S01gateone -> ../init.d
lrwxrwxrwx 1 root root 17 Aug 16 07:15 /etc/rc3.d/S01gateone -> ../init.d
lrwxrwxrwx 1 root root 17 Aug 16 07:15 /etc/rc4.d/S01gateone -> ../init.d
lrwxrwxrwx 1 root root 17 Aug 16 07:15 /etc/rc5.d/S01gateone -> ../init.d
lrwxrwxrwx 1 root root 17 Aug 16 07:15 /etc/rc6.d/K01gateone -> ../init.d
I need 2,3,4,5 to be S20 not S01, The K01 is correct lets just do it manually
rm /etc/rc2.d/S01gateone
rm /etc/rc3.d/S01gateone
rm /etc/rc4.d/S01gateone
rm /etc/rc5.d/S01gateone
Relink correctly:
ln -s /etc/init.d/gateone /etc/rc2.d/S20gateone
ln -s /etc/init.d/gateone /etc/rc3.d/S20gateone
ln -s /etc/init.d/gateone /etc/rc4.d/S20gateone
ln -s /etc/init.d/gateone /etc/rc5.d/S20gateone
ls -la /etc/{rc?.d,init.d,default}/*gateone
lrwxrwxrwx 1 root root 17 Aug 16 07:15 /etc/rc0.d/K01gateone -> ../init.d/gateone
lrwxrwxrwx 1 root root 17 Aug 16 07:15 /etc/rc1.d/K01gateone -> ../init.d/gateone
lrwxrwxrwx 1 root root 19 Aug 16 07:21 /etc/rc2.d/S20gateone -> /etc/init.d/gateone
lrwxrwxrwx 1 root root 19 Aug 16 07:21 /etc/rc3.d/S20gateone -> /etc/init.d/gateone
lrwxrwxrwx 1 root root 19 Aug 16 07:21 /etc/rc4.d/S20gateone -> /etc/init.d/gateone
lrwxrwxrwx 1 root root 19 Aug 16 07:21 /etc/rc5.d/S20gateone -> /etc/init.d/gateone
lrwxrwxrwx 1 root root 17 Aug 16 07:15 /etc/rc6.d/K01gateone -> ../init.d/gateone
Looks good to me.
UPDATE-RC.D ARTICLE FOR DEBIAN
################################
===LINKS:===
https://wiki.debian.org/RunLevel
http://www.debian.org/doc/manuals/debian-reference/ch03.en.html
https://wiki.archlinux.org/index.php/SysVinit
http://www.debian-administration.org/articles/28
http://www.debuntu.org/how-to-managing-services-with-update-rc-d/
===QUICK RECAP===
This is the software that helps setup the symlinks that start and stop the correct services on different boot modes(runlevels) including shuting the system down and rebooting.
All of the scripts are made by the app writer and put into /etc/init.d the app writer must then have the top section look like your about to see in the next paragraph.
update-rc.d looks at the commented out lines at the top of the init scripts.
And looks for this:
#!/bin/sh
### BEGIN INIT INFO
# Provides: APPNAME
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Starts and stops Gate One
### END INIT INFO
After that an init script goes into some case selections based on the first argument passed into – a case is a like an if statement, its look if the person wrote start or stop or restart or status or whatever at the argument lines.
The default-start and default-stop call upone the start or stop case
Also the #s in default-start and default-stop corellate to if to start or kill a script depending on the run level number and if its a booting up runlevel you start em “S” and if its a shutdown or reboot script you kill “K”
This command puts the symlinks in /etc/rc#.d/ where # is the runlevel. An example of symlink is like /etc/rc2.d/S20apache2 which is symlinked to /etc/init.d/apache2 – where /etc/init.d/apache2 is the actual file with the data and the other file S20apache2 is the shortcut/symlink. The S means it will start @ runlevel 2 (which is normal boot mode in debian – or multiuser mode) and 20 means it will start after 1 and 2 etc. If there are other scripts with the number 20 they go and run the scripts alphabetically obviously.
I mentioned this all correlates to how the system defines the boot and startlevels, well thats defined in part of the inittab file:
cat /etc/inittab
This is part of The output which shows the main idea
# Runlevel 0 is halt. (make these into KILL scripts K)
# Runlevel 1 is single-user. (make these into KILL scripts K – why single user is kill is because this is like a safemode only certain select things start in this mode because its safe mode)
# Runlevels 2-5 are multi-user. (make these into START scripts S)
# Runlevel 6 is reboot. (make these into KILL scripts K)
I selected the comments before the actual initialization of those runlevels because they are crypting that will throw off this article.
An example config of gateone is below and also below are some lines and ways to use update-rc.d
===THE COMMANDS===
FROM MAN PAGE:
Insert links using the defaults:
# update-rc.d foobar defaults
The equivalent dependency header would have start and stop
dependencies on $remote_fs and $syslog, and start in
runlevels 2-5 and stop in runlevels 0, 1 and 6.
Equivalent command using explicit argument sets:
# update-rc.d foobar start 20 2 3 4 5 . stop 20 0 1 6 .
More typical command using explicit argument sets:
# update-rc.d foobar start 30 2 3 4 5 . stop 70 0 1 6 .
Insert links at default runlevels when B requires A
# update-rc.d script_for_A defaults 80 20
# update-rc.d script_for_B defaults 90 10
Insert a link to a service that (presumably) will not be needed by any other daemon
# update-rc.d top_level_app defaults 98 02
Insert links for a script that requires services that start/stop at sequence number 20
# update-rc.d script_depends_on_svc20 defaults 21 19
Remove all links for a script (assuming foobar has been deleted already):
# update-rc.d foobar remove
Example of disabling a service:
# update-rc.d -f foobar remove
# update-rc.d foobar stop 20 2 3 4 5 .
Example of a command for installing a system initialization-and-shutdown script:
# update-rc.d foobar start 45 S . stop 31 0 6 .
Example of a command for disabling a system initialization-and-shutdown script:
# update-rc.d -f foobar remove
# update-rc.d foobar stop 45 S .
TO SEE WHATS THERE USE TREE:
# apt-get install tree
# tree /etc/rc*/
SIMPLE:
# update-rc.d APPSCRIPT defaults
# update-rc.d -f APPSCRIPT remove
# update-rc.d APPSCRIPT defaults 20 80
For below script you would do something like
# update-rc.d blah defaults
# update-rc.d -f blah remove
# update-rc.d blah defaults 20 80
SAMPLE BOOT SCRIPT FOR APP CALLED blah
######################################
#! /bin/sh
# /etc/init.d/blah
#
### BEGIN INIT INFO
# Provides: gateone
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Short-Description: Starts and stops Gate One
### END INIT INFO
# Some things that run always
touch /var/lock/blah
# Carry out specific functions when asked to by the system
case “$1” in
start)
echo “Starting script blah “
echo “Could do more here”
;;
stop)
echo “Stopping script blah”
echo “Could do more here”
;;
*)
echo “Usage: /etc/init.d/blah {start|stop}”
exit 1
;;
esac
exit 0
BOOT SCRIPT FOR DEBIAN FOR GATEONE
###################################
I modified the default one that came with mine because the Default-Start and Default-Stop in the script didnt correlate with my systems default values.
#!/bin/sh
### BEGIN INIT INFO
# Provides: gateone
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Starts and stops Gate One
### END INIT INFO
#
# Start/stops the Gate One daemon (gateone.py).
#
GATEONE_DIR=/opt/gateone
GATEONE_PID=/var/run/gateone.pid
GATEONE_OPTS=”–pid_file=${GATEONE_PID}”
# clear conflicting settings from the environment
unset TMPDIR
# Make sure gateone.py is available and executable
test -x /opt/gateone/gateone.py || exit 0
. /lib/lsb/init-functions
case “$1” in
start)
log_daemon_msg “Starting Gate One daemon” “gateone.py”
if ! start-stop-daemon –background –start –quiet –exec ${GATEONE_DIR}/gateone.py — ${GATEONE_OPTS}; then
log_end_msg 1
exit 1
fi
log_end_msg 0
;;
stop)
log_daemon_msg “Stopping Gate One daemon” “gateone.py”
start-stop-daemon –stop –quiet –pidfile $GATEONE_PID
# Wait a little and remove stale PID file
sleep 1
if [ -f $GATEONE_PID ] && ! ps h `cat $GATEONE_PID` > /dev/null
then
# Stale PID file (gateone was succesfully stopped),
# remove it (should be removed automatically by gateone itself but you never know)
rm -f $GATEONE_PID
fi
log_end_msg 0
;;
restart|force-reload)
$0 stop
sleep 3
$0 start
;;
killterms)
log_daemon_msg “Killing all running Gate One terminals…”
# This instructs Gate One to kill all of it’s subprocesses including open SSH connections and whatnot
${GATEONE_DIR}/gateone.py –kill
# NOTE: Also kills dtach sessions (if that feature is enabled)
;;
*)
echo “Usage: /etc/init.d/gateone {start|stop|restart|force-reload|killterms}”
exit 1
;;
esac
exit 0