[FEATURE REQUEST] SSH Implementation

Hi Admin,

Admin, please can you add SSH to the CPanel?! It would really be a useful feature to the community and would make your service much better to use. I know you don’t implement it for security and performance reasons but isn’t there a way that you could implement it? Like say, for example, limited access to the SSH would at least be sufficient for some users, also besides limited access you could use an encrypted connection. And for the performance reasons, why not scale it down so you can at least make it like Glitch’s console where you can at least do something. They’re something like a free hosting provider. Not saying they are one, I’m just saying they’re like one. Back to the topic, if you could combine these two services together, your service + glitch’s somewhat shell-like environment, it would make it better for everyone. If Glitch can do it and they’re providing the shell along with another whole bunch of stuff why can’t you too? Also, if you don’t want us to directly access the shell, why can’t you just provide us with the credentials needed to complete this task? If you can provide us with FTP why not SSH? You can make that environment sand-boxed so that it’s not so much of a risk. I mean, look at what people, and your service could achieve with shell support. It’s bad enough that your free service doesn’t support Let’s Encrypt. If people don’t know what it’s like to experience the feature that they are going to pay for, why buy it? All that I’m trying to say here is, please can you implement shell access? That’s all I’m asking and that’s all I’ve ever wanted from here. It would solve many problems and it would also solve mine. There are not a lot of decent services like yours out there, and with this feature it’s like the last piece of the puzzle.

2 Likes

There are much more important missing features aside from SSH.

Why exactly do you think SSH is required?

I can understand why having SSH is desirable, but I don’t think we will offer this feature any time soon.

In theory, iFastNet could offer this feature, but they choose not to. I don’t know their reasoning exactly, but there are a few reasons I can think of that would make this unattractive.

First of all, it takes a lot of effort to build. Sure, we could just install an SSH server and open it up, but that would create massive holes for hacking and abuse. I don’t know about the architecture of Glitch, but I know that cPanel uses a system they called Jailed Shell. This system basically makes it so that you don’t login to the server itself, but to a container running on this server, which has access to a few programs and your files. To my knowledge, there are no off the shelf products which can provide this functionality for our free hosting, so we would have to build this ourselves.

Even then, that leaves opportunities for abuse. What about people who go will script against the SSH interface and use it to run harmful, long running scripts on the servers. This is probably why Glitch doesn’t offer SSH, but only a web shell: it’s much harder to abuse a web shell, and build in things like time limits and the like.

FTP is great for web hosting because it’s a very simple protocol, meaning it’s relatively easy to operate securely using off the shelf software. SSH and SFTP are not.

But most importantly, I don’t think iFastNet even wants to offer this feature. Right now, shell access is only available with iFastNet’s Business Hosting (and VPS, of course), but not with their regular premium hosting. It’s quite common for entry level web hosting to not include SSH access.

And if you’re worried about not being able to experience premium hosting before buying it, please remember this text from the home page of our website:

Is InfinityFree a demo, trial or sample for premium hosting?

Absolutely not! InfinityFree is fully featured, completely free website hosting. We provide promotional offers for alternative, premium services for people looking for more, but their services are very different. InfinityFree is not a representation of these offers.

If you want to know what cPanel’s shell experience is like, then you should try cPanel’s shell with a hosting account which offers it. Glitch’s web console, or any shell like feature we would build, would not be the same as cPanel’s shell implementation.

You can’t try iFastNet’s business hosting before you buy. InfinityFree is not a demo for iFastNet. iFastNet’s business hosting comes with a 7 day money back period, and offers true month-to-month billing, so you can try it for yourself with little risk.

6 Likes

It will provide access to a whole library of tools to use and will make web hosting much much easier.

Why not monitor the SSH access when people use it. I mean, you already have robots which block you from making you create a valid https:// certificate. Isn’t there a way you can implement a feature similar to this one. Looking at cPanel’s demo makes your cPanel look a little stripped. I mean, there a ton of features missing from there. At least a web terminal would be sufficient. There are some things you could use like KVM’s VirtFS. You should try that feature out. Also, admin, I know this is a little off-topic and honestly, maybe I shouldn’t be asking this, but, how are you managing all this free hosting? How do you manage to give all of this moderately featured web hosting for free?

InfinityFree is powered by iFastNet. The entire system was built by them. This is why the staff of InfinityFree don’t have any controls over features or adding them (like SSH for example). That has to be done by iFastNet. However, as the admin has already said, I doubt that SSH will be implemented for the accounts on the free host resellers anytime soon (if ever).

3 Likes

We don’t block anyone from creating an SSL certificate. If we did, why would we offer a control panel menu to manage SSL certificates? Yes, we have security systems to keep bots out. But we don’t block any SSL vendors. But it’s up to you to choose an SSL vendor with a verification method which you can actually use.

But the bot protection system makes sense from a general product perspective. We provide free hosting for websites. The bot protection helps to enforce that.

VirtFS is also what cPanel uses. And it’s also a feature which iFastNet only includes with their Business Hosting, not their Premium Hosting products. So it’s not going to be available with free hosting.

Also, what would you expect this web terminal to do? Do you expect a POSIX shell with full GNU utils? Or just a way to execute a few specific commands?

InfinityFree is paid for using the advertisements on our own website, and from the revenue of premium hosting. Which is also the reason we don’t make all features available for free. If all premium features were available for free, why would anyone ever upgrade?

This is also why our cPanel is “stripped”, many of cPanel’s default features have not been implemented on free hosting, either for security/resource restriction purposes or to distinguish free and premium hosting.

4 Likes

Honestly, tell iFastNet to up their community support.

I was considering to upgrade to iFastNet, but InfinityFree and the community just feels so much better and friendly.

5 Likes

True.

But I am having some trouble recently with your interface. Like for example, you provide no way to set a custom document root for the website. Like say for example a week ago, I mistakenly deleted my website from the add on domains section of the cPanel. I was like "meh, I could just add it on again and it will be fine. I tried to add it back, but to my surprise, it did not work!! I mean like why InfinityFree, why?! At least provide a way to enter the document root! That is like one of the most basic and essential features you could provide! Even with a free hosting plan that is not an entirely pro feature. So, shell access to the side for now, why can’t you provide also to change the document root?

A POSIX shell would actually be a really nice feature to add.
But let me be fair and not take advantage of the situation. Since this is a free hosting plan, and also you want to keep it minimal and use the least amount of resources, I’m thinking about a shell that would be stored directly on the user’s server. Also, maybe a web-shell, and, using like and ssh-server also stored on the user’s server you could create like a hybrid of a web/ssh shell. The problem is, though, how will you do that??? The first idea (the simplest way I could think of implementing it), is like a plugin that enables SSH and then since you are using shared-hosting you could reserve one logical partition of the webserver for the shell. Each user when they connect through the web shell or use ssh will span an individual sandboxed shell that will allot them about 1.5GB of RAM (or smaller whichever you think is appropriate) which is the maximum amount of RAM the user can use. Once maxed out, shell access is revoked for 3-5 days. The applications them will be stored in the user’s home directory which also will have a limit of 4GB of application storage. Once the user disconnects or when the shell detects no activity( timeout), that shell is immediately terminated. This is just an idea, but if you want you can make an actual implementation of it, not sure how, though. This is also just an example of how I would implement a minimal shell.

1 Like

I read the front page of your website(again). Here is what it said:

Free Hosting Features

Everything you could possibly need for your website…

Unlimited Disk Space

Linux 3.2

etc, etc.

by “unlimited disk space”, do you mean like 1-4 or even 10 TB of space or literally meaning we could use all your space on your webserver we wanted to or would that just ultimately ban us from your website.

Also you have Linux 3.2. I mean like (disclaimer: this is constructive criticism ahead) why would you put that? We don’t even have shell access you why even bother to put that if you know you would just disappoint your clients by putting that up on the front-page and also don’t even have the slightest proof that that is true. What purpose does it serve for you to put that up there if some people don’t or don’t even bother to want to know what that is.

By the way, I noticed you have a dark theme and I love it! Keep it up! :smile:

I wouldn’t say that setting a document root is exactly essential. Many people have never had to use it. Also, InfinityFree still doesn’t have any control over features (which has been said multiple times) Even if your interesting SSH plan was feasible, there’s no use telling it here. [quote=“Joe560, post:13, topic:21423”]
by “unlimited disk space”, do you mean like 1-4 or even 10 TB of space or literally meaning we could use all your space on your webserver we wanted to or would that just ultimately ban us from your website
[/quote]

While there is no hard limit for storage, there is a limit for inodes, as well as file size limits. So using that much space is impossible. That being said, no providers can literally offer unlimited storage, because there is no hard drive in existence that doesn’t have a max capacity.

Shell access or not, it’s still important to know for people who want to use web software (such as Wordpress) on their site. And just because some people might not care, there’s a lot of webmasters that do.

2 Likes

I think the biggest problem is that their service is controlled by iFastNet.

I would love to see InfinityFree being independent and actually having full control of their service, but I think it’s financially impossible.

2 Likes

The “why” here is that iFastNet made some, in my opinion, inconvenient choices with their API. If it were up to me, I would assign the first domain name of the account to a domain directory (e.g. example.com/htdocs/) instead of the main htdocs folder, so you can add and remove it without breaking anything. That would remove the main necessity of changing the document root.

So I don’t agree with your statement that changing document roots is “basic and essential”. If the initial account setup worked a bit more sensibly, most people would never have to touch the document root if they just upload their website to the right location.

That resembles how VirtFS, the underlying technology of cPanel’s Jailed SSH also works. Which is a feature which iFastNet currently only offers on their Business Hosting plans. Premium Hosting doesn’t have it, and neither will free hosting.

Because as simple as the idea sounds, simple things get hard when done on a large scale. Sure, spinning up a lightweight container and keeping it running for a few days on your own computer or rented (virtual) server is no problem, but it does become a problem when you run thousands of containers on an already quite loaded server. Because keep in mind that while you don’t pay for the hosting, iFastNet does, and they need to keep costs down in order to keep the free hosting economically sustainable. That is, assuming the Linux kernel will even let you create so many mounts/cgroups/etc. without breaking down.

Please see the “Usage of Disk Space Terms” section in our terms of service: https://infinityfree.net/terms/

That’s taken from iFastNet’s product material. I agree, it’s quite meaningless.

3 Likes

Are you even in control of this website? ( Insult not intended )

If this website, yes. Of the entire hosting platform, no. This forum, our main website and the client area are built by us. The control panel and all of the stuff actually hosting your website is built and maintained by iFastNet, and I have limited control over that.

4 Likes

So you’re saying that to add a feature onto the CPanel would be a bit of a struggle for you to implement.

…but as Admin you should have control of the whole website. By you saying this and my interpretation is basically this:

Image%201

But in my opinion it should be this (Since you are @Admin):

Image%202

I am no expert and this is not and insult but you should really consider talking to iFastNet about your control towards the CPanel. Because what you are telling me right now is that you can’t add the feature because of the limited control you have over it. You should (if you can), you should remove Some Guy and his team upwards or remove them completely. Because you are Admin and you should be in control over mostly everything. I’m not saying to go and war with iFastNet, just simply (like what I’m doing right now), put a simple request on their website on regarding the situation and then post it.

Also, if you can, can you please try to add desktop notifications to your site. I’m really having trouble keeping up with checking this website constantly. If you do currently have it, can you please point me the way?