[mythtv-users] Securing mythweb
Jack McGee
jack at greendesk.net
Mon Feb 15 17:34:45 UTC 2010
This thread seems appropriate for my question. I had htdigest enabled,
and logging in from public internet, but realized anyone could snoop and
find my password that way. I know about OPENVPN and that I can enable
on my buffalo-tomato firmware router, but then I have to run client
software. I want to be able to access it from my WM6 phone, work
computer (from behind work proxy), etc. Without loading any software. I
know I can connect to my bank securely and not load software. Is that
possible either on the router as a gateway to home network, or the
mythtv FE/BE?
On 2/9/2010 2:37 PM, Travis Tabbal wrote:
>
>
> On Tue, Feb 9, 2010 at 1:20 PM, Kenneth Emerson
> <kenneth.emerson at gmail.com <mailto:kenneth.emerson at gmail.com>> wrote:
>
>
>
>
> Once you open up port 22 on your mythtv box to the internet, it
> will be hit by computers trying to hack into it (check out
> logwatch to find out). If you leave userID logins enabled, odds
> are you will eventually get hacked.
>
>
>
> You don't need port 22. I said SSH, which can run on any port.
> Denyhosts goes a long way toward stopping the random brute force
> attacks if you want port 22 though. And, like you said, you can turn
> off user/pass logins and force public/private keys. Even that's not
> 100% (Debian bug not so long ago), but it's a LOT better. And it's so
> much better than HTTP digest auth that it's not really worth talking
> about.
>
>
> _______________________________________________
> mythtv-users mailing list
> mythtv-users at mythtv.org
> http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mythtv.org/pipermail/mythtv-users/attachments/20100215/c5cedc09/attachment.htm>
More information about the mythtv-users
mailing list