[mythtv-users] Securing mythweb
Travis Tabbal
travis at tabbal.net
Mon Feb 15 17:53:27 UTC 2010
On Mon, Feb 15, 2010 at 10:34 AM, Jack McGee <jack at greendesk.net> wrote:
> This thread seems appropriate for my question. I had htdigest enabled,
> and logging in from public internet, but realized anyone could snoop and
> find my password that way. I know about OPENVPN and that I can enable on
> my buffalo-tomato firmware router, but then I have to run client software.
> I want to be able to access it from my WM6 phone, work computer (from behind
> work proxy), etc. Without loading any software. I know I can connect to my
> bank securely and not load software. Is that possible either on the router
> as a gateway to home network, or the mythtv FE/BE?
>
As mentioned already, you need to enable SSL on your mythweb server. If you
use a self-signed cert you will get a warning from your web browser, and
be vulnerable to MIM attack for the first time you connect, but that's
likely ok for this use.
I don't know if WM6 has the client, but I have openVPN on my G1. Works fine.
Work computers are harder, and SSL is probably the best choice in that case.
You can also tunnel SSH over the proxy, but that's probably "frowned upon".
Just google for configuring apache for ssl. It's not really that hard to do
and is the most universal solution. Then change the port forwarding you have
for port 80 to port 443.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mythtv.org/pipermail/mythtv-users/attachments/20100215/b27d0335/attachment-0001.htm>
More information about the mythtv-users
mailing list