This is not a standard terminal replacement, it's a Chrome extension providing quicker access to koding.com's vm service. Vague headline, cool product but not relevant to me right now.
you're right, but local bash in the browser is technically not possible for now. (if you don't hack or bridge the chrome). It can be an emulator or a connector like the secure-shell app by Google in Chrome store. Terminal app provides a free and full terminal with Koding VM.
ChromeOS has something, but I have a feeling that's the browser acting as a window manager and running the terminal from its underlying Linux OS. I do wonder what might be achievable with PNaCl...
Not saying what you've done ain't cool! Just wasn't quite what I expected from the headline :)
ChromeOS is able to show terminal in the browser because the feature is built into the browser. i.e terminal extension (crosh extension) on ChromeOS has special privileges to access the underlying system.
if you want to dig deeper (grep for terminal_private_api here):
For whatever it is worth, I found ChromeOS's to be trash. I used it for a weekend on my Pixel and found it very unpleasant to use. If your environment isn't restricted such that a terminal in browser is really your only option, I don't know why you would do it that way. I don't see the use.
The one that's normally available (crosh) is pretty awful, yes. The dev-mode shell available by typing "shell" in crosh is more normal. All I really want it for is ssh anyway. If anything more hardcore is needed it gets rebooted into Ubuntu mode.
Haven't actually laid eyes on the pixel yet, I have a Samung ARM chromebook and I love it. Is the pixel worth the cash? And have you loaded an alternate OS yet?
Oh, I mean I wasn't impressed with the terminal emulator itself. At least when I tried it, it seemed to have problems with some ctrl-sequences (as in, other things would get them instead of whatever I was running in the terminal emulator). I also was not very impressed with the weird cursor fading thing it does.
Right now I'm running Debian Wheezy on my Pixel with a recent kernel that I built myself (the 3.0.whatever kernel Wheezy is on right now doesn't have touchpad support for the Pixel).
The Pixel is only worth the cash if you have very specific use cases. First off, I don't consider it worth the price with ChromeOS at all, so you've got to put a regular distro on it. ChromeOS might be tolerable with cheaper hardware, but for what I paid for the Pixel I just can't stomach it. The hardware itself is underpowered (i5, little ram, runs hot as all hell if you start running a long build or something (seriously, I've burnt myself.)) and has very little storage, so your usage pattern should be lightweight (I've used tiling window managers instead of fancy DEs for years so that is a-okay for me.) The screen is absolutely fantastic; best thing I have ever seen, and the real reason I bought it. The screen is so good that, despite the downsides I've listed, I am very pleased with my purchase.
In short:
Upsides: Fantastic screen. Linus uses one, so shit works. Solid build quality.
Downsides: Expensive, underpowered, can get hot as all fuck.
I think Google missed the mark with the Pixel. It makes a nice tech-demo for the screen and their ability to make things out of aluminum, but it isn't something I could recommend to anyone with 'normal' usage patterns. Don't buy one unless you absolutely know a high DPI screen is what you want, and know that the specs will accommodate you.
>> Oh, I mean I wasn't impressed with the terminal emulator itself. At least when I tried it, it seemed to have problems with some ctrl-sequences (as in, other things would get them instead of whatever I was running in the terminal emulator).
This is true, my go-to text mode editor (yes you can laugh) nano has Ctrl-O for write-out and that brings up the ChromeOS open dialog instead. It's most irritating.
I might wait for the next-gen pixel then, if there is one. I would like a high-dpi screen and I do usually work on remote systems, but it sounds like there's a problem if it gets that hot when you put any load on it.
Heat is absolutely a problem with the current Pixel. My suspicion is that the Pixel can probably cool itself well under loads you would expect in ChromeOS, but if you fall outside of that usage pattern it becomes problematic. (There probably aren't a lot of ways to peg the CPU at 100% for minutes on end in ChromeOS while not in dev-mode.)
> if there is one.
Yeah, that is a big if. I don't have any sort of sales figures for the current Pixel, but I haven't encountered many other people with one... I suspect it isn't selling well.
> There probably aren't a lot of ways to peg the CPU at 100% for minutes on end in ChromeOS while not in dev-mode.
Load a webpage with just one or two screenshot-sized animated GIFs. Browsers are really bad at this; I wonder how many years it's been since the GIF rendering code was touched in most implementations.
Interesting. On my phone pages loaded with animated GIFs are slow as molasses but on my regular ol' Linux (Core i7, Intel graphics) desktop I don't think I've been to a page where I experienced any sort of slowness.
That'll bring my Samsung Galaxy S4 (a very current quad-core phone) to a crawl but my desktop won't even get the chrome process above 10%. Maybe it's GPU-related? I wonder if Chrome for Android even uses the GPU, hmm...
But now, a trick, to make browsers even angrier (which is starting to come up as a use-case in, e.g., forum signatures and avatars):
1. set the GIF to a non-native scale (e.g. width="100" height="100");
2. apply a CSS animation to it, where the CSS animation loops a filter() value on the GIF. For example, filter: hue-rotate() the GIF through a 360 degree cycle every 2s. For maximum pain, apply a filter: blur(). (Warning: this last one may actually crash your browser, or at least cause severe artifacting on random parts of the page. I've been intending to report it to Chrome's bug-tracker for a while...)
I believe this causes as much havoc as it does, because GIFs are always decoded on the CPU, and the results of decoding GIF frames and scaling them to display size are never cached; instead, each time a GIF transitions to a new frame, it writes the frame-delta directly on top of the previous frame's video memory. So, when you apply a GPU-bound filter to a CPU-bound write-heavy texture, you give the GPU's pipeline a pessimal case.
> There probably aren't a lot of ways to peg the CPU at 100% for minutes on end in ChromeOS while not in dev-mode.
Hahaha! Have you even used Gmail?
Lots of games (Running Fred, I'm looking at you!) will also peg the CPU at 100%, obviously. Then there's the fact that there's a lot of bad code (JavaScript) out there that does things like downloading 50MB worth of email addresses into an Array :)
This is interesting. I am the author of Gate One (https://github.com/liftoff/GateOne) and I learned early on that Chrome doesn't let JavaScript override Ctrl-T, Ctrl-W, and Ctrl-Tab but Ctrl-O? That's silly. There's no reason why they couldn't override that.
Note: You can work around the Ctrl key override problem by opening up any web app via an "application shortcut". Menu-Tools->Create application shortcut.
There's actually an app called "Crosh Window" to fix the Ctrl issue. It opens in a separate window and can take Ctrl sequences without Chrome picking them up.
Interesting, I was thinking about getting one for browsing/webapp use and remote development over ssh. In addition to the screen, I also like that ChromeOS sounds like it handles OS updates much better than anything else - free, seamless, automatic OS updates for life apparently. Better than Windows 8 trying to turn the computer into a giant tablet or OS X creeping further towards being a giant iOS device. Or linux distro updates breaking things (at least that's been my experience with linux). And all have a lot of overhead as far as installation time.
I have a Samsung ARM Chromebook and I use it all the time. Way more than I thought I'd use it. I bought it as a testing platform for Gate One (https://github.com/liftoff/GateOne) but I end up using it most when, "someone on the Internet is wrong." (haha).
So I'll be chilling out in my Lay-Z-Boy with my family watching a kids movie (that we've watched like six times), surfing the web on my phone and lo and behold someone will say something that needs an old fashioned Internet whomping--with references, snide remarks, and lots of puns. The type of thing for which a phone (software) keyboard isn't suited. As in, "I cannot let this person's false statement go unchallenged!"
So I dash to the office ("Honey, where's my super suit?") and I have a choice to make: Un-cable and remove my nicely-mounted (on a cool swiveling arm!) dual-SSD Acer S5 laptop and haul it back to the living room (you know, so I can share the experience with my family =) or I could grab the Chromebook which is conveniently located near the door and has only a single, tiny power connector.
In less than 60 seconds (maybe 30 if I don't grab a drink on the way back!) I will be back in my Lay-Z-Boy, furiously typing away on the Chromebook. Saving the world from the ignorant, shills, and Microsoft fanboys.
If ChromeOS is the sort of thing that you can be satisfied with, then the Pixel may or may not be worth it; it is hard for me to judge that since I'm not really a fan of ChromeOS.
> local bash in the browser is technically not possible for now.
Yes it is, and I've seen it. It was posted to HN a while (like about a year or two) ago, and could run emacs etc. It was done by emulating x86 in Javascript and then running Linux on the emulator.
local bash in the browser technically is possible without any hacks. You need to write an NPAPI browser plugin to do forkpty() and the browser-javascript can access the pseudo terminal through the NPAPI plugin.
Well, if you're using Chrome on Linux you can just run Gate One (https://github.com/liftoff/GateOne) on your desktop and connect to https://localhost/. That'll let you access SSH or whatever terminal program you like. I use it every day!
While I personally would trust the Koding folks to be responsible with my credentials/SSH sessions, if you want a terminal in your browser using a server that you control why not use Gate One? (https://github.com/liftoff/GateOne)
It'll let you run whatever terminal app you like (defaults to SSH w/advanced features like session duplication).
And type passwords to remote host where ssh client's running. Nope, not cool at all.
A possible workaround is implementing SSH agent forwarding support in Chrome app. However, you still have to trust remote ssh binary to only do what it's supposed to do while you're connected (i.e. not log your communications, not open secondary channels doing some weird stuff and so on).
This isn't really the intended use case, sshing from your Koding VM to other servers. However the VM we give you is yours - you have root and full control over it, if there is something on there to capture your passwords then you put it there :) (We are not the NSA)
That is the least convincing security statement I've heard in a long time. So what if we have root access? You can still log everything or compromise the vm under the hood -- and there really is no way to prove otherwise AFAICT (trusting trust and whatnot). In this case, the NSA would least of my concerns!
PSA: Don't count on this to be secure. Not just because Koding can obviously monitor everything you do, but because the implementation appears to rely on some more or less flimsy kernel container isolation (user namespaces etc). This means hackers can break out of one instance of this and enter others. So please, don't use this as a bouncing point to SSH to other servers or for anything else that might be even a little sensitive.
Also, it's apparently unpatched since May:
$ cat /proc/version
Linux version 3.9.0-0-generic (root@salt-master.in.koding.com) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #4userns5 SMP Mon May 13 06:15:34 PDT 2013
I have $1000 here waiting for you if you can break from one container to another. I need valid proof in the form of source code for your exploit. send it to hello @ koding.com and we will paypal you the money.
Does anyone know what Koding.com actually does? I watched both videos, read the "NOW PUBLIC" blog post, and I feel like it might be awesome - but I don't know. Is there a page that details what the product actually is? Kinda feel dumb for even asking, but I can't seem to find out?
They are providing an easy way to create a sandbox to code or learn to code.
A simple use case would be if you were to teach a class on coding that required a Linux environment to compile C, but the students brought their own laptops, you could
A. Struggle with all the possible laptop configurations and how to install VMs and/or the proper packages on those computers
or
B Use koding.com and have everyone do their projects on koding.com's VM so that everyone can focus on learning instead of configuring.
At the end of the project, you also get the added benefit that the tools used to validated homework and projects will be the same tools used to develop. This was a big problem when I was in school where students would develop on a rogue platform (ie. MS or OSX) and the TAs would compile and run the code on Linux and there would be build errors or run time errors for random configuration problems.
----
As for their business model, from what I can tell, they want to first create a universal platform for anyone that wants a linux sandbox to play, code, learn. Then they will charge businesses or universities that want to upgrade to have a lot of access or special VMs.
Indeed, this fits my use case to an absolute tee right now. I'm trying to pick up Rails, and doing anything related under a Windows environment is downright painful, and I'd rather not dualboot just to get into "work mode".
Why not spin up an Ubuntu VM in VMware or virtualbox? I'm not knocking the koding terminal, but "I want a Unix environment without dual-booting" is a fairly standard VMware use case.
Spinning up a Virtualbox, especially on a machine with low resources unfortunately is a kill. Besides the Terminal, Koding has features like private Groups, Collaboration, Online editor and so on. That means once you create and begin to use a VM, you can access it from everywhere without any hassle with just one login!
Pretty much took the first few words out of my mouth, there. The fact that this is accessible from any web browser I think is the killer feature. I can't install putty or access ssh on every machine I use.
I am so, so tired of all this Koding spam. I've seen spam from multiple accounts (one of which was fka, who now admits to being a dev) on both HN and Reddit.
We are pretty open about who is staff and who is not. if you don't like what we are doing thats your prerogative. Simple fact is we offer you a dev environment with root on your dev VM for free. All setup and ready to go in seconds. No one else is doing this, so call it spam if you like but the number of users signing up daily and enjoying the service disagree with you (oh and yes I am staff).
you joined last week, you have no submission, you have two comments at all and they all about koding -and me- :) what is your problem with me? are you my ex-girlfriend or something?
I also learned to program with my HP48GX and my HP49G. When we couldn't imagine we would have smartphones, we already had programmable computers in our pockets :-)
There's a lot of companies offering web-based IDEs with built-in terminals now. They've already started to differentiate themselves with unique features too! For example:
http://wakari.io/ - Focus: Scientific computing and analytics. They also offer a great implementation of IPython Notebook (really, the integration with Anaconda/conda is awesome). It's run by the folks at http://Continuum.io (Anaconda, conda, Numba, IOPro, Bokeh, etc).
http://www.devtable.com/ - A really slick (love the default dark theme) Web-based IDE. The GUI is really nice (minimal--the good kind) and doesn't "get in the way" like some of the competition. They also have lightning-quick deployment of your apps to GAE (the speed at which you can deploy/test your code impressed me). They also have an interesting LaTeX project option which also has instant deployment/testing. Useful because getting the LaTeX tools setup on a workstation can be a real pain (and they're SLOOOOOOW).
I've been using nitrous.io for a month or so. It looks like this is the same thing, except without the browser-based text editor, which I kinda like since I haven't gotten really used to working in any of the terminal text editors yet. It's not clear if they support real ssh access or sftp either.
I'm not sure how nitrous is expensive. I can't find any ways to give them money right now at all, or even any proposed future pricing. I have a few quibbles with their system, like the way their servers seem to shut down if not used for a couple of days, the ssh sessions disconnect semi-randomly, and no root access to install things that aren't already there, but cost doesn't seem to be an issue.
Yes we support SSH and SCP. Yes we also have browser based editor. Just need to go to the main site. We also give root etc. As long as your using the VM it will not shut off - however it will shutdown 15 mins after you logout.
so let me get this straight... they wrote a terminal app that sends all your code to some third party? wow yeah lets just throw security out the window. no mention of the privacy implications on any of this. not sure if any of my clients would want their intellectual property sent out to some random third party. thanks but no thanks. i'd rather use xterm or gnome-terminal.
or github, aws etc. Oh yeah thats right, couldnt use those either. I guess you host everything yourself on a private network that you install all the connectivity for globally ?
Actually, I do host everything privately and only connect to it from trusted machines over encrypted channels. But I'm far from typical in regards to preferring my own clouds over popular trusted resources.
For what it's worth, I think the level of criticism you're receiving is grossly unfair. However I also don't think you've done yourself any favours here either. You content has been focused on how "cool" this technology is without really focusing on the security of your service. Since this is a hacker forum and since the very nature of SSH is a secure communications channel, it's understandable that people are concerned about this aspect of your business.
However I also think people have gone overboard. This is a typical example of a growing trend on HN for members to dismiss others hard work - after all, it's easier to contribute in a community by offering negative criticism than it is to create content for all to criticise.
Sadly though, even in spite of my issues with the direction this thread has taken and the amount of negativity posted, I do have to agree with the points being raised. So as much as this project interests me and looks innovative, personally I would rather stick with native client running locally. I don't feel you're trying to solve a problem that doesn't exist (sessions can be restored via terminal multiplexers such as screen and tmux and there are already a number of native client terminal emulators available for every OS imaginable). In effect, what you've done is created a product that raises security concerns without offering any real benefits. And it really pains me to say this given my previous rant about the amount of negativity in this thread.
I don't think this should be downvoted, since of course it is also technically possible for Amazon to snoop on your EC2 servers. However, Koding's generic privacy policy and 404ed terms of service are not that inspiring on the matter.
Really cool. A little slow to load, perhaps, but I say that with no knowledge of how much is going on behind the scenes.
I have only one real complaint, and it's unique to me. I use a blank page as my new tab page instead of the default, and I could find no way to launch this extension other than setting my new tab page back to the default.
There's two ways that I'm aware of to launch a Chrome app without using the "new tab tab":
1) Use a bookmark. Chrome apps are just bookmarks, after all. If you want to be really clever about it you could even use a (personal, non-social) bookmarking web app like http://bookmarked.us/
hi koding dev here. if you are guest, you don't have sudo access. to have root access you need to be registered. and your login password will be your sudo password, too.
This is pretty awesome - they are ahead of the curve. It's quite appealing to be able to have access to a full dev environment/VM with just Google Chrome as a prerequisite. I know Google does a lot of development with a similar sort of tool - nice that this sort of infrastructure is rolled out for smaller shops.
I was hoping to try this on my iphone... I made it past registration but the site doesn't seem too mobile (small screen) friendly after that. I wasn't able to read or close the modal that came up.
I was hoping for a better CROSH/HTerm (ChromeOS's builtin terminal emulator) but ended up with some weird something else that I don't understand nor want anyway.
I wrote it to solve the problem of, "I need to SSH right now but I don't want to install anything." I've been improving it pretty steadily for about two years now and people seem to like it. I've even got paying customers so it's certainly usable for at least a few people ;)
If you try it and you think it sucks send me a long, detailed ranting email (you can use the feedback form at liftoffsoftware.com if you want). I love em! What's more useful than honest, detailed feedback? I always fix what I can.
Your only previous comment on hacker news was praising their product. Your only submission to HN is a positive plus url about them. I wonder what made you change your opinion. Would you mind sharing?
I think that is bugged, unrelated to load unfortunately. If you're interested in signing up with your Github account, try going to koding.com normally and using your github account there.
chrome doesnt allow to redirect the github login page to extension page, it makes this feature buggy with the chrome app. you can simply go to http://koding.com/Register and login with your GitHub account. Then reopen your terminal, it will be opened with your registered session.
