[mythtv-users] Is there interest for a couple very short HOWTO's?
Chris Strom
mythtv at eeeCooks.com
Fri Mar 26 07:01:02 EST 2004
On Thu, Mar 25, 2004 at 08:34:59PM -0700, Nowhere wrote:
> I am somewhat new to Linux and I just secured my Mythweb with a password
> so that I can safely pass the port through my router and access it from
> the internet. I know for the experience Linux users out there it's a no
> brainer but I had to read up how to do it. Anyone want me to write up a
> short HOWTO on this?
Call me paranoid, but I don't regard this as "safe". The
username/password are sent in clear text. Unless you're using something
like /etc/hosts.allow or additional apache configuration, anyone can
access the resource. I accomplish the same thing via SSH tunnel.
The only port that I have opened is for SSH (and for that I only allow
two IP addresses access, set both in the firewall and in
/etc/hosts.allow). I use SSH port forwarding to access the various net
resources, including mythweb on my apache server:
remote-host $ ssh -L 10080:localhost:80 my-home-ip-address
To access mythweb I then open the following URL in my browser:
http://localhost:10080/mythweb/
Port forwarding sends all request to port 10080 on remote-host (e.g. my
work computer) to port 80 of my mythbox. It's all encrypted by the SSH
connection and the security administration is easier (read more secure).
If your SSH box and mythbox are different, then simply:
# Note the change in the argument to the -L switch
remote-host $ ssh -L 10080:mythbox:80 my-home-ip-address
More information about the mythtv-users
mailing list