Wiki Improvements and Installation Instructions

[twodayslate]

It seems SAIB_SSL needs to be false in order for the wiki instructions to work. There should also be a note to make sure there is a trailing slash in the URL for the extension settings. Perhaps also a note that the default password should be changed.

Is there a good way to make sure shellinabox is only available via Plesk / internally?

It would be great if the SSH username and password were either listed on the Plesk page and/or auto-filled.

[dmhendricks]

It seems SAIB_SSL needs to be false in order for the wiki instructions to work. There should also be a note to make sure there is a trailing slash in the URL for the extension settings.

Thank you - I will look into this.

Perhaps also a note that the default password should be changed.

Good idea.

Is there a good way to make sure shellinabox is only available via Plesk / internally?

I suppose it could be limited by referrer, but that's not much more secure. There is probably a way to require a session key with this setup, but I'd have to ponder. It was assumed that if they have shell access enabled for customers, using a different client would make no difference. However, I understand what you're suggesting - block SSH/shell access to everyone except system admin IPs and the web-based client.

It would be great if the SSH username and password were either listed on the Plesk page and/or auto-filled.

Agree about the username, though I would not display the SSH password in clear text. If someone forgets his/her account password, they can reset it in Plesk. IIRC, Plesk passwords use one-way encryption/hash anyway.