Mastering Linux Server Access: Web-Based SSH & RDP with TOTP Security

# 🔧 Mastering Linux Server Access: Web-Based SSH & RDP with TOTP Security

Managing remote Linux servers through traditional SSH and RDP tools has always been the norm — but what if we could simplify access using a secure, modern web interface?

In this post, we'll explore how to build a **self-hosted web-based SSH and RDP access tool** with **Two-Factor Authentication (TOTP)**, using open-source libraries and Python Flask. This guide is perfect for sysadmins running small to mid-sized infrastructure or home labs.

---

## 🛠️ Features We Built

- ✅ Web UI with secure login

- ✅ Role-Based Access Control (RBAC)

- ✅ TOTP Authentication (Google Authenticator compatible)

- ✅ Integrated xterm.js for SSH

- ✅ Apache Guacamole / FreeRDP backend for RDP

- ✅ Audit logging and access tracking

- ✅ Dockerized for easy deployment

---

## 🧪 Stack Used

| Component       | Technology                    |

|------------------|-------------------------------|

| Web Framework   | Python Flask                  |

| UI              | TailwindCSS + Jinja Templates |

| SSH Backend     | Paramiko + xterm.js           |

| RDP Backend     | Apache Guacamole or FreeRDP   |

| Authentication  | Flask-Login + PyOTP           |

| Deployment      | Docker + Docker Compose       |

| Database        | SQLite (for simplicity)       |

---

## 🔐 Why TOTP?

Passwords are no longer enough. By integrating TOTP (Time-based One-Time Password), even if your password is compromised, attackers won’t get access without your device-generated code.

We used the `pyotp` library to generate TOTP secrets and validate user codes at login. It integrates easily with Google Authenticator or Authy.

---

## 🚀 Demo & Source Code

👉 [GitHub Repository](#) 

👉 [Live Demo](#) *(Add your actual links here)*

Clone and run using Docker:

```bash

git clone https://github.com/yourname/web-ssh-rdp

cd web-ssh-rdp

docker-compose up -d