[lawl]

>is there something about this stack that would let us stop being a middleman?

Yes if you terminate the connection in the browser and your server just acts as a TCP<->websocket proxy, you can verify the fingerprint and (assuming you trust the JS) be sure the proxy isn't MITMing.

> It looks to me like the node SSH service would still have to be running somewhere

No.

[angerson]

Oh, so by "terminate the connection in the browser", you mean the service would connect via SSH to a server, start a separate socket server connected to a terminal, and then hand off the connection entirely to the browser? If not, could you explain what you mean?

If so, I can see some potential issues, but that's a really nice idea for how this could be improved, and I'll look into it more. Thanks (to you and jstanley both)!

[lawl]

I'm not sure I understand what you mean, but the idea is just that the shellvault server is just a dumb pipe. The only thing it does is translate from tcp to websocket and back. You you have some kind of ssh.js that does everything an ssh client does. The only problem is that the browser can't use direct TCP sockets. So instead of SSHing directly into the server you use a websocket to connect to shellvault, and shellvault forwards the data on a TCP socket to the ssh server. And of course takes the data from the TCP sockets and sends it back to the browser via websocket.

That way shellvault acts as a dumb proxy and only forwards encrypted data packets while all the crypto stuff happens in the browser and the ssh server.

[angerson]

Ahh, now I understand. That's worth looking into, thanks!

[Vendan]

Not only is it completely possible, pretty sure it's already been done.... https://github.com/stuicey/SSHy

[bronco21016]

Unfortunately, that project doesn’t yet support key-based auth.

[Vendan]

secure password auth trumps "give full access to stranger" auth any day of the week....