[mythtv-users] Remote Record Scheduling ??
Brian Wood
beww at beww.org
Fri Apr 14 00:50:39 UTC 2006
On Apr 13, 2006, at 6:03 PM, Greg Woods wrote:
> On Thu, 2006-04-13 at 17:35 -0600, Brian Wood wrote:
>
>> Any thoughts on a way to schedule a recording from anywhere on the
>> net without having to enable full-time access to your system from the
>> outside world ?
>
> I do it using SSH port forwarding. Something like this:
>
> $ ssh -L 80:backend:80 myserver.mydomain
>
> Forwards port 80 on my laptop through to port 80 on the backend
> machine
> in my house. Doesn't expose the backend to the net, because you must
> authenticate to the server and get logged in first.
>
> There are a couple of gotchas in doing this. First, the ssh command
> must
> be run as root because you are binding to a privileged port. I solve
> this by running the command in a script, and wrapping that script
> with a
> setuid binary. Yes, there is a security risk associated with that, but
> someone would have already have to have gained access to my laptop to
> exploit it. Next, it appears that MythWeb (at least the 0.18 that I
> have) embeds the host name in some of it's links. This means I have to
> have my browser connect to backend.mydomain, but when I'm traveling,
> this must in turn resolve to locahost, so I have to put that
> equivalance
> in /etc/hosts. This works, but when I get back home, it breaks
> (unless I
> log in to the server first and bounce the mythweb connections off the
> server even when I'm at home, which is what I do).
>
> Not particularly elegant, but it works. I can browse to
> http://backend.mydomain, and up comes the MythWeb page and I can
> schedule recordings to my heart's content. Try that with the crappy
> 6412
> Comcast DVR.
>
That would work (obviously, because you're using it), of course you
need your laptop.
For securing ssh access I ran into a very neat security solution,
port knocking. An example would be that you need to hit your server's
port x, then port y twice, then port z once and port x again three
times, *then* the ssh port would be opened up. Sort of like a
combination lock. It could be used in conjunction with temporal,
phase-of-moon, current date's square root and all sorts of algorithms
to have a very secure "combination". You could bury your current IP
address in the "combination" and have it call you back, all sorts of
possibilities.
I'm thinking of a solution that would work if you had none of your
own gear, say you were at a public library someplace, or a Kinkos
store, with only the most basic (probably Windows, or Mac if you're
lucky) software. That's why I was wondering about sending an email.
Perhaps something you could do from your phone or PDA.
Of course you would need to know *what* you wanted to record, so I
guess you would need a program guide of some type.
But if you could just specify a channel and a timeslot, that would be
good enough I think. Say somebody told you of a great not-to-be-
repeated program and you just wanted to get it on disk.
More information about the mythtv-users
mailing list