Configuring and autostarting shellinabox

Since many of the places I travel to have firewalls disallowing other than http and https traffic.

So I started researching shellinabox for openSuSE (I run 12.3), but there is remarkably little information
The first link (on my end) even talks about downloading the source, then compile and install it in /etc/init.d/boot.local:

I found out that zypper knows about shellinabox, so this succeeded:

zypper install shellinabox

Now my plan is this:

  • run shellinabox in non-secure mode locally
  • have apache handle the https to http

So, here I am trying to get this done without relying on yast, as I want to know how to configure this on the console.

This gives a whole bunch of questions, starting with these:

  • is chkconfig the right command to configure shellinabox to run as a service and start after boot? It seems to indicate that currently it is not configured as such, but apache is:
snip:/home/jeroenp # chkconfig shellinabox
shellinabox  off
snip:/home/jeroenp # chkconfig apache2
apache2  on

rcshellinabox start will start the service at port 4200, as nmap shows nicely:

snip:/etc/shellinabox/certs # nmap -sV -p 4200 localhost

Starting Nmap 6.25 ( ) at 2014-05-31 22:14 CEST
Nmap scan report for localhost (
Host is up (0.000091s latency).
4200/tcp open  http    ShellInABox httpd

Service detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 11.31 seconds

  • what is the configuration file to tell shellinabox the local port number, usage of HTTPS and such? There seem to be none generated in /etc

Right now these directories are empty:


The thing is however that http://localhost:4200 is automagically redirected to https://localhost:4200/ (which I don’t want, as I want apache2 to do the https handling for me so I can share port 443 with other https traffic).

More questions will obviously follow (:

This is a double post. It is CLOSED and will be removed Please go to when you are interested.

To the OP: please do not double post. It will create a mess out of the discussion.