177 comments

[ 3.4 ms ] story [ 285 ms ] thread
(comment deleted)
Neat, but it's be very nice if it automatically used the configured HTTPS proxy.
This is freaking awesome. I have been waiting for this for so long. I look forward to using this all day to see how it holds up.
Very cool, but I fired up an emacs session and hit Ctrl+N to start scrolling through a file.... doh!
Really interesting, would be even better if it parsed my SSH config file. Interested to see how this progresses.
I can't believe how great it looks and how responsive it is. I've been running an emacs client in it for a while and other than C-n opening a new window it's practically perfect. Huge props to the team who wrote this.
I think you can run it in some kind of app window mode which avoids issues like c-n, c-w, etc. Not sure if it works in a tab though.
I believe this is the same terminal that replaces urxvt as the non-VT terminal in the newest version of ChromeOS (IE the one you access with Ctrl-Alt-T). I was worried when I switched to the dev channel on my Cr-48 and crosh opened in a new tab instead of a chromeless window.
I think this is the same shell as the one included with the latest release of Chrome OS (Aura UI).
Works really well, nice and quick. Call me stupid, but I'm not actually sure how to launch it (clicking on "Launch App" from within the webstore works but that's surely not the only way).
Open a new tab and click the arrow on the right or click "Apps" at the bottom of the screen.
I believe there's also omnibox completion on app names (though maybe you have to use it a few times first)
Would be nice if they installed an ssh:// URI handler
I did actually try that in the hopes it would work. Onmibox completion is doing the trick for me now.
oh, good idea. I wonder if navigator.registerProtocolHandler works in apps?

I tried adding it manually in settings->Content Settings...->Handlers, but it only allows you to select handlers on sites that have already requested permission, not add new ones (as far as I can tell).

Has anyone code reviewed this to make sure it's not stealing credentials, etc. ?
Beyond that, you must trust the author, since Chrome may auto-update the extension to a future version that could steal credentials.
Yes, this. Though, this is also the case with any other app you may hand your credentials to.

FWIW, it was reviewed internally by Google security people before going live.

The author (rginda, http://www.hacksrus.com/~ginda/) is a Google Chrome developer. You're probably already trusting his code by running Chrome.
Can you vouch that he packages this extension on a machine free of trojans, viruses and backdoors? Hm.
I, er, meant to upvote this, but hit the wrong arrow. :\ Consider this a moral upvote.
Tmux seems to work wonderfully. I bet Chrome Book users are stoked.
Yup, I am. Because I changed my prefix to Ctrl-a, none of my combos clash.
As killer as it is, it says it's a beta and it has known bugs on the page. Use with caution.
Very cool and so close to being useful. Until you can use certs and use them safely it isn't very useful though.
I don't know that this really rises to the level of a "killer" app. Serious ssh users are, of course, already quite happy with their terminal emulators and use platforms that support them natively. I find it very hard to believe (though I'm willing to be surprised) a chrome extension is going to present me with the performance, platform integration, or keyboard navigability I get and demand from gnome-terminal. I'd probably be happy using it from friends machines, etc...

What this will do, however, is hopefully end for good the mess of "How do I expose a command line application to my windows-using friends such that they aren't confused and won't hate me.". And there's a whole lot of value to that.

Why are we happy? We are not. Terminal emulation needs to die, but as you point out, there is no reasonable substitute yet. I have enjoyed toying with interesting experiments like the MPW shell, and I support every attempt to replace or kill the ridiculous anachronism that is termcap. It's like we're the SCA and unix is our ren fest.
I was talking to someone recently who likened it to a shifting pendulum. For a while, he told me, terminal control languages were sufficiently complex that you could send a program to run _on the terminal_, and then things shifted back to running things where you store them on the server.

Now there's HTML5 and javascript, the world's most complicated terminal control language.

I'm not sure that I disagree: the terminal implementation in modern unix is a terrible mess. But the terminal metaphor (a command line being fed by a keyboard and displaying to a scrolling window of text) is nearly perfect, and won't by dying any time soon. And ssh is fundamentally just a data pipe for that metaphor anyway.
The terminal metaphor isn't so great either; in fact I think it's miserable, compared to the workbook-type approach provided by something like Mathematica from 15 years ago (last time I worked somewhere that could afford it) I find it depressing that all command line interfaces aren't like that.

Also, in-band signalling, escape characters, magic select() timing loops to distinguish from "real" input, hackarounds for the fact that the original terminal was a separate computer and had local and remote modes and some keys never sent anything... is that metaphor REALLY still relevant?

I've never used Mathematica and can't find any good comprehensive explanations of the workbook paradigm. From the little I have found, it's basically a text editor interface where you can execute previously typed commands by hitting a shortcut and the output is appended below the command, while still retaining the ability to move all over the page, right?
Pretty much - with folding and other niceties. Have a look at http://reference.wolfram.com/mathematica/tutorial/UsingANote... for a brief overview, and http://www.wolfram.com/technology/guide/SymbolicInterfaceCon... for more information about the interface possibilities.

Also check out http://www.wolfram.com/cdf/ for the more general attempt to make a dynamic document standard. I don't know how successful that's been.

So those controls in the last link can be displayed in the workbook as views on command output? I've been toying with a similar idea for a while now - wasn't aware that there were already implementations of it. I think we're going to witness/participate in a paradigm change in the near future.

Thanks for all the links.

Your second paragraph is confusing what I was trying to distinguish as "implementation" from "metaphor". Yes, I agree all that is a mess (though good luck trying to fix it -- won't ever happen). But it's a tolerable mess, because it enables the command line.

And your first point is just verifiably wrong. If there were truly better workflow metaphors for software development, you'd think at least some of the best hackers would have discovered it and moved to it at some point in the last four (!) decades. Instead, all of the most productive developers in our subculture (almost quite literally every single one of them) work at a command line. They haven't moved elsewhere, because it won't happen, because your thesis is simply incorrect: no better metaphors have been discovered.

(comment deleted)
Upvote for the MPW Shell reference.
> Why are we happy? We are not. Terminal emulation needs to die

Yes, but the proposed replacement for UNIX consoles is a Google web browser that requires you log into Google in order to use it?? I don't think so....

this is insanely awesome. as it stands right now, yes its "just ssh". But open up the developer toolbar and you'll notice this thing is rendering HTML inside of webkit. It doesn't take a genius to see this is a few baby steps from making it possible to render arbitrary graphics in the shell. edit: I might go out on a limb here and say this project is something that is going to be looked at as a real inflection point a few years from now.
as the day SSH became vulnerable to CSS cross-domain exploits :)
Any input receivable by OpenSSH, regardless of whether it is valid user input or malicious input being delivered by a cross-domain attacker, mustn't result in exploit. If so, it's a bug in OpenSSH, not the fault of the developer who integrating the existing OpenSSH code into a new environment.

Unless, of course, the developer integrating the existing OpenSSH code did so in a way that's not the formal OpenSSH interface. Like if he had to do some kind of dirty hack. But he shouldn't have to for this project.

I don't see how the OpenSSH code is expected to automagically insure that keystrokes sent from Google Chrome came from intentional user generated actions.

Any XSS type vulnerabilities in this are likely the result of issues with the extension itself rather than OpenSSH, IMO.

The app opts-in to a strict Content Security Policy <http://www.w3.org/TR/CSP/>, which disallows 'eval' entirely. It also severely restricts where and how JS can be loaded with the script tag, setTimeout/setInterval, and event attrbites. It's essentially intended to make sure that only the JS that shipped with the extension can be executed.

There may be undiscovered exploits, of course, but CSP severely reduces the chances.

Check out TermKit as a pretty awesome proof of concept for this: http://acko.net/blog/on-termkit/
Ah yes, I was trying to remember what the name of that project was. Seriously, with a few tweaks this will allow you to write console apps that can check termcaps to decide if they should be writing out HTML. From there, you can imagine building a "websh" that does the right thing to enable all of those TermKit ideas.
Shameless self plug: https://github.com/hoeck/schirm. It does exactly that, rendering arbitary html (inside iframes) between lines of a vt100 compatible terminal emulator, using escape-sequences to denote document data and images. Works quite well as a proof of concept. What annoys me so far is that its relatively slow (running find on a large dir may take ~20 times longer than on gnome-terminal) and the headaches around (automatically) resizing iframes.
You think having a terminal in a browser is amazing because it will let you run browser applications in a terminal?
Uh, kinda. "Browser applications" is a bit misleading though. Imagine starting a Clojure REPL and having it graph things right there as you hack. Or having iconography or image previews when you run ls. Or being able to see mathematical notation while you're inside of BC. Or having a commandline interface to Wolfram|Alpha output.

The TermKit reply in this thread should be sufficient to see why this will be very cool.

I thought NaCl couldn't open raw (tcp) sockets? I thought it was limited to WebSockets.
Apps may have fewer security restrictions than pages.
NaCl apps are only usable right now via the Chrome Web Store, unless you've manually enabled them to be allowed elsewhere.
This app is part of a small whitelist of apps that can make this type of connection. It's a temporary solution though. The Chrome team is working on ways to make the functionality more widely available.
Just got through scouring the pepper 19 docs for any mention for how this was done. Exciting to see this kind of functionality enabled, but apprehensive about chrome apps developing into an android style permission nightmare. Perhaps if the user always had the ability to arbitrarily revoke permissions and block them by default.
This is incredibly exciting, if not also a bit scary. Thanks for the info.
damn it was an inside job! :)

I'd been checking every few months for the last several years to see if sockets were available in NaCL, for this exact killer app (along with a vnc/rdesktop client)

Sad that it had to be done with an internal whitelist, but I'm mostly just happy that it exists for me to use even if I didn't get to write it!

Can someone please explain to me why I would possibly want to run a terminal emulator inside of my web browser, instead of just using the terminal emulator app that my system ships with?
THANK YOU. I seriously do not get this app. Yes, they may have done a great job, but i don't get why i would want to use it. I can't use it on someone else's desktop because i'd have to install crap in their Chrome. I wouldn't use it on my desktop because I've already got a good terminal app that I've tweaked to be just the way I like it.

Nevermind "killer" app... why is there ANY need for this?

I feel like I'm missing something very obvious.

Chrome OS? Your Android phone? Windows?

I can't work on a Windows machine without installing SecureCRT or Putty. One less thing to install and tweak.

That's funny, I can't work on a Windows machine at all :)
I don't think it will run on Chrome OS.
Nope, it runs fine on my Cr-48. In fact, as of Chrome OS 20, the native xterm seems to have been replaced with the version from this extension, running in its own tab.
Yup, if you read some of the dev notes, it was specifically designed for Chrome OS.
One use case would be ssh over http. Corporate proxies often disallow ssh traffic.
No. from the page "It uses Native-Client to connect directly to ssh servers without the need for external proxies." it IS a ssh client. no http proxies.
That's right. But Secure Shell also knows how to connect to an HTTP-to-ssh relay.
Most clients yes. That one, not sure.
Do Chromebooks ship with a terminal application? If not, that would be a good use case.
Chromebooks have a limited term app that allows you to ssh, top, ping, and one or two other commands.
The whole "Chrome as OS" thing will benefit from this.
it's a toy for now. don't over think it. But it have fun possibilities.
I'm guessing if you have a chrome book it would be a nice solution.
Chromebooks already have SSH installed natively.
And they support keys -- Although it seems the primary way to use them is by putting your keys into your 'Downloads' folder, which isn't exactly ideal.

Looks like this will eventually replace the inbuilt ssh supplied with crosh (Chromium OS shell)

Can you explain this a little more? I cant quite get it to work.
Windows doesn't have good terminal emulator. This extension is almost like having gnome-terminal on Windows. SSH into a remote machine and you have the usual keyboard navigation that the Windows "terminal" doesn't offer.
Sure, but I can download and run PuTTY directly from its download page faster than I can log in to my Google account on any machine where the credentials aren't already saved.

The Chrome extension could be nice for preconfigured "many-to-many" single-sign on from/to a number of hosts with a (hopefully encrypted) RSA key, however.

Windows! I spend most of my time coding in PuTTy + Vim when I'm on windows. In my limited testing this works as I expect with xterm-256, tmux, and Vim on my Ubuntu 12.04 Server without having to configure anything. PuTTy is a pain to configure on a new box.
How do you save yourself the trouble of configuring this extension?

What sorts of configs have you had to do for Putty?

Setting unicode, changing backspace, setting xterm-256 as the TERM variable, etc ... PuTTy configuration is unintuitive when you first try to configure it. There's a well known page dedicated to configuring PuTTy properly on Windows.
I haven't tested this extensively myself, but have you looked at ExtraPuTTY?

http://www.extraputty.com/features.html

Seems like one of its goals is to make it easier to move PuTTY configurations from one machine to another.

In addition to Putty being far from native...
tmux didn't work as expected for me. i.e. I could attach to my tmux sessions, as well as switch between the "panes" - but I couldn't see the status bar.

I also started a new tmux instance (rather than attach to existing one) still no status bar. Any suggestions ?

Edit : Problem solved. I went into Full screen mode (F11) after clicking in addressbar (When focus was on the terminal, F11 printed ~) Anyway, when I started tmux in full screen mode, I could see tmux status bar. I continued to see it even after I left full screen.

Not sure what was the (temporary) problem.

For work I do UI stuff for our web product so much of my day is doing something in iTerm with tmux and then switching to the browser tab to refresh.

So with the Chrome keyboard shortcuts to switch between tabs, it makes things a little quicker.

the complete list of software i use day-to-day consists of a web browser and a terminal emulator. if i switched over to this, that list goes down to just a browser.

maybe some people don't care, but i think it's pretty cool.

If the complete list of software you use is a web browser and a terminal emulator, what do you do in the terminal emulator? Run a text-based web browser and/or other terminal emulators?
sorry, i mean software installed on my computers. i use many different software packages installed on remote servers, but i don't need or want any of that stuff running on my computers.
I don't like the idea of using a single app for everything. I have tons and tons of (personal) reasons, but the most obvious and un-solvable reason is: I can switch between terminal emulator and web browser with Command+Tab. If they were both the same thing, I couldn't do it and I would be very disturbed and confused. The same reason I don't use GMail web app and use Mail.app instead, or Reeder.app or iCal.app or iTunes.app.
Not to be too sarcastic. But what's wrong with opening multiple chrome windows?
You know you can Ctrl+Tab between tabs in most web browsers, right?
Of course. But I usually have a few open browser windows (each containing 5-10 related tabs). If Gmail was also a window, I would have to press Cmd-` (Mac's shortcut for switching between different windows of a single app) multiple times.

But to be honest that's not how I actually do my stuff. I use QuickSilver[1] and when I want to go to Mail.app, I just press Cmd-Space, then 'M' or 'Ma' (because Mail.app begins with M) and press return. It takes less than 0.4 seconds (QS is wicked fast) and is much more convenient than a tab in my browser. Not to mention that a native app is usually way faster and more responsive (I have a ridiculously slow internet connection).

[1]: http://qsapp.com

On Windows and *nix--well Ubuntu at least--you can drag a browser tab into a new window and then Alt-Tab between them. Is there no equivalent on a Mac?
"un-solvable reason is"

This is actually completely solvable, if it was something lots of people wanted to do it could be trivially built into any browser.

It could be built into FF globally with an extremely simple plugin.

Well if the world turns out to become as Google fantasizes and all applications will be ran in browsers, you can switch between apps with ctrl+tab.
It's the difference between Ctrl-Tab and Cmd-Tab, no?
As a followup, my terminal windows are rarely the same size as my browser windows. I don't like resizing my browser windows in general because the browser will remember the new size, even though it was meant as a once-off window. So having a browser-sized terminal doesn't seem like a very good experience.

Additionally, it doesn't even work right. In a screen-controlling app like vim it seems fine, but in the normal shell, once I enter enough text to use more than a screen, the bottom-most line is actually off the window (even if I scroll down).

The missing lines at the bottom is a bug that got fixed just after this release. The next Secure Shell release won't have the issue.

And your browser size issue goes away if you open the terminal in its own window. Chrome even has an "Open as Window" option (right click on the Secure Shell icon) to open in a window with no browser UI.

So I used to think the same thing, and then I saw something funny: it was a spinning 3D cube with a scrolling document on all 6 faces. It was made with pdf.js and WebGL.

Now this isn't the same because it's NaCl and therefore not pure-web, but a pure-web terminal emulator would be awesome! It would mean you could embed it within normal web content and mash it up with other stuff. Want to edit your dropbox contents/Gmail in Vim? Maybe pipe the contents of a file into a text box? Maybe just live refresh the output of your web site when you save?

Actually, I'm running out of cool things you could do. Nobody needs a spinning 3D cube with a PDF on it, but the fact that you CAN do it means that people will invent something useful for it, and I have no doubt they would invent something awesome with an in-browser terminal emulator.

Unfortunately, this being NaCl, it may not be it. Shame.

I can understand that having an open-source library that provides the ability to embed a terminal emulator might be useful somewhere, to someone. But as a full-screen plugin for Chrome?
The only part about this written in NaCl is the "ssh" command. The terminal emulator portion of it is entirely JS.

The only reason it isn't currently cross-browser is because I don't have enough time in the day to make it work everywhere. I tried not to make it too Webkit specific though. If some brave JS hacker/Firefox user wants to make this cross browser, I'd be happy to help.

Ah, pretty awesome then. (I can't change my previous reply though, due to time limits)
Does it work in the latest (hexxeh) ChromeOS release?
Does not work with local area network. I've tried to ssh on my VM.
FYI, seems to work me. I was able to connect to my server in VMware.
Indeed. I've missed the "username@" part.
Is there a way to install this plugin without signing in to Google?
I opened chrome to check this out, but it wants me to "sign in" to install the extension. For me this is a bridge too far: I don't care to tell google about every single extension/application (extensplication?) I'm using.

Like many people, I'm trying to step back from google/facebook snooping, and this would be a solid step toward such big brothering. I suppose next they'll see what email providers I use and whom I correspond with with mutt or whom I chat with on other services with finch etc.. Why expand google's data-gathering "attack surface"? And all this for... (?) what does this offer that sets it above my current terminal client?

Someone please tell me if there is any technical reason I should need to sign in to add an extension (in particular this, or some game).

  >For me this is a bridge too far: I don't care to tell google about every single extension/application (extensplication?) I'm using.
Oh for pete's sake...

Is there anything to this " I suppose next they'll see what email providers I use and whom I correspond with with mutt or whom I chat with on other services with finch etc.. Why expand google's data-gathering "attack surface"?

Or is it further chicken-little, slippery slope conjecture with no basis in reality? Keep in mind that you're connecting to their web store to download this, even sans login. That means they have your IP, and a metric ton of identifying information about you via your browser fingerprint (ala Panopticlick). Complaining about signing in just seems rather silly. Oh noes! They know that you downloaded an extension!

You'll have to forgive me for being blunt. This particular absurd line of thought is starting to seriously become an annoyance - even the chans have latched onto it. Correcting people who have the wrong idea is getting old.

> You'll have to forgive me for being blunt.

"You'll have to forgive me for being rude, obnoxious, conclusion-jumping."

Fixed that for ya.

You're welcome.

Rude? I wasn't aware that pointing out something has no basis in reality is rude.

Obnoxious? Don't post misinformation and you won't be challenged.

Conclusion jumping? What conclusion did I jump to?

And as far as making "Fixed" posts go.. doctor, heal thyself ;)

It got Slashdot-y real quick up in here.
Have you noticed that this keeps happening on different forums? It seems to be an effect of a population threshold being reached and (possibly) the time the forum has existed (separate from the population size - how comfortable the members are and, therefore, how loose they are with their words).
That means they have your IP, and a metric ton of identifying information about you via your browser fingerprint (ala Panopticlick)

Maybe they do, maybe they don't. ;-)

Well frankly I think my "they might read my chat in finch" is a stretch, but no, I don't think that assuming google's goal is to stretch their tentacular roots as deeply as possible into the fertile, loamy soil of my private information is "slippery slope conjecture with no basis in reality." To the contrary, as you probably know, gathering personal information on users is the primary purpose of all of google's unpaid products and the heart of their business model. Would you dispute this fact?

So they are a targeted-ad company whose value is to a great extent commensurate with the amount of information they have on users (another uncontroversial statement, I hope). More info = more value, and you think it's "conjecture" to speculate that they might push further and further into your experience on their platform?

This is the crux of it for me: I've been installing desktop applications and browser extensions for years, and I've never needed to tell an advertiser and the biggest tracker / data snooper on the 'net what my email address. Now all the sudden I do, and there's no (clear) method to opt out, and I'm OK with this because why? I'm willing to trade my data for services when the services are valuable (I use gmail & facebook), but this looks like "give us more info, just cuz" with no value prop. Sure you can sync but I don't want to and there's no reason you should be forced to sign in; that is 100% about data gathering (otherwise there'd be a "forgo sync" option).

IP address and browser fingerprint is not the same as "link everything explicitly to my google account," by the way.

> Like many people, I'm trying to step back from google/facebook snooping, and this would be a solid step toward such big brothering.

Google seems to be working on this. If you've ever seen someone without a Google account try to use Android for the first time you can see how much effort they are putting into stopping people from using their products.

I've never used android--is it difficult then?
Not at all if your Android device does not support the Google Accounts in the first place.

It was really difficult with the ADP1/G1 back in 2008. But meanwhile it is not that difficult if you don't want to use the Google services.

Yeah. It's super easy to activate your iPhone without an iTunes account with a credit card on file.

...wait.

I've never used an iPhone. At the time, I was comparing the experience with setting up my DSi. It lets you download things without making an account or having a credit card.* In fact, before downloading Angry Birds for Chrome I had never needed to sign up to download anything. (You also need to be online and signed in to play the game.)

*The DSi Shop is a big pile of fail, but that is unrelated.

Cool, and I see what you're saying, but there's a specific reason that these things are set up the way that they are.

It's about ensuring that the same experience exists whether you're spending money or not. The reasoning goes, if it's painful to spend money the first time, many people will never set things up if they can get away with free stuff. But if you're required to have an account with a credit card already set up to even get a free thing, then you're more likely to spend money when the time comes. This is also why installing a free app on your iPhone requires you to enter your password and confirm your purchase.

Google's implementation of this is worse than Apple's, because they don't demand your credit card information until the first time you try to purchase something. But ultimately, they're both driving at the same thing, and it's hard to argue with the fact that they're pretty successful at it.

As for your DSi, I hope you never lose or damage it. The lack of accounts for the store means that your purchases are bound to the device and are non-transferrable.

>Google seems to be working on this. If you've ever seen someone without a Google account try to use Android for the first time you can see how much effort they are putting into stopping people from using their products.

You press the "skip" button and then don't try to launch Gmail or Google Play or anything else that understandably needs a Google account.

What is so... appalling about that. There is no effort to "stop people" from using an Android phone without Google. Further it's a pretty silly attack on Google given their competitors and the fact that you bought... a Google Android phone...

(edit: speaking about the Nexus line of phones which I would tend to argue best reflects Google's "effort".)

this doesn't answer your question, but you can always download the crx file and sideload it without signing in (you can also clone it from the chromium repo, but then you'd also have to build the nacl part).

Kind of a pain, but if someone does want to try it out badly enough...

If your bank account recovery link gets emailed to your Gmail account, you have more to worry about if Google decides to abuse your information.
I often fail at being polite to people online, and people like you are the reason.

Trust me when I tell you this:

Google will never steal money from your bank account, by using a password recovery link that you had emailed to your GMail account.

Does that really need to be said? Do you really need CONVINCING of this?

You misunderstand. I am pointing out that if you are consciously giving Google potential access to your bank account, it's odd to be concerned about Google having other information that is far less sensitive. It's like worrying about your white carpet because the robber holding a gun to your head has muddy boots.
Using recovery links emailed to users to access their bank accounts and gather information would open up Google to all sorts of legal trouble even if they do nothing but look. As class-action lawsuits are generally not very good for business, I consider this much less of a concern than legal methods of gathering information, even when the potential information gained from the legal methods is less sensitive.
true, but by that logic, once we give them one thing, we should just openthem up to everything? no.

my bankaccounts are important, but they also come with fraudprotections.

the complete picture of my life, all data mined, possibly misinterpreted, and then availableto my enemies is farmore scary.

If your bank is emailing password recovery -- you need a new bank.

Gmail was not the OP's cause for concern.

You need to be signed in so that the extensions/apps/games can be properly synced to your other Chrome installations. The philosophy of ChromeOS seems to be for absolutely everything to get synced from the cloud. The login can't be optional since it'd be an incredibly shitty UX to have apps installed from the store sometimes sync to your new machine and sometimes not.
> The login can't be optional since it'd be an incredibly shitty UX

The login can be optional if Google chooses to make it so. If I don't want to log in and therefore endure a shitty UX, let me have that shitty UX, thank you very much! It's not like I need all the same apps in all my devices anyway. For example, I might not need this SSH app in a device that can run a proper OpenSSH client.

And that's exactly the problem that some of us have with the /Chrome(OS)?/ philosophy. It's either their way or highway, with no options in between. (That's not necessarily bad for everyone, though. There are alternatives like Firefox for those who don't like Chrome.)

Thank you, this makes sense, tho I'd still prefer to have a different download option that doesn't require logging in.
I wholeheartedly agree.

To those saying "who cares" consider that you may wish to use this extension on a computer where you don't feel comfortable issuing your Google login credentials.

I don't think you need to issue your Google login credentials to _use_ the extension, only to install it. Further, if you're on a computer where you don't feel comfortable using your Google login, why would you feel comfortable using ssh (via this extension) on the same said computer?
GREAT! Now Google can mine my shell for AdWords. I look forward to seeing what Ads I get on android after a good fsck
This is cool hack but a terrible idea. Why do I want some bloated web browser wrapping a lightweight terminal?
because having a web browser just be a web browser is apparently an outdated concept. Or something.

I mean sure, opening up an ssh client is 4 keystrokes for me (on windows) but we need to have it integrated into the browser so firefox (or chrome in this case) can find a way to be even more of a bloated memory pig.

Works pretty well considering its status, though it doesn't like to play along with the hard status bar on my screen sessions.