[mythtv-users] MythWeb from outside my lan (from internet)
Tom Dexter
digitalaudiorock at gmail.com
Sun Sep 27 17:03:32 UTC 2009
On Fri, Sep 25, 2009 at 12:13 PM, Mache Creeger <mache at creeger.com> wrote:
> At 08:51 AM 9/25/2009, you wrote:
>
> I don't like the idea of opening my internal servers to the public
> internet. So to combat this, I have used DD-WRT to create a VPN to my home
> network. I can keep everything behind the firewall, and VPN into my home
> network (using the OpenVPN client on my work Windoze box, or my Ubuntu
> Laptop). Not only do I get access to my MythWeb, I can get access to
> ANYTHING on my home network. It's really the safest thing to do.
>
> Jim
>
> If you are using Gnome on the server, you use Remote Desktop and access it
> from the Internet via tightVNC going through an SSH encrypted tunnel. I use
> putty and puttygen SSH clients running on Windows.
>
> Once the link is established and you can see the server desktop, launch a
> browser on the server desktop and access 127.0.0.1/mythweb to get to
> Mythweb.
>
> I disable password signon on the server and use SSH with a 2048-bit key
> (generated by puttygen) so its a pretty secure link. (the config files on
> Fedora are /etc/ssh/sshd_config and ~./.ssh/authorized_keys)
>
> For directions to set up the link look here:
> http://ubuntuswitch.wordpress.com/2007/07/01/securely-remote-control-your-ubuntu-via-putty-from-a-windows-host-vncssh/
>
> If you need more help, I would be happy to walk you through it.
>
> -- Mache
>
Wow...that seems way more complex that it needs to be. What is the
VNC part needed for? If you establish an ssh tunnel to the mythweb
server port 80 on a local port you should just be able to browse to it
at localhost and it will work. I do that all the time.
Also, this works fine with ssh running under cygwin. I find that much
easier frankly than screwing with putty's inexcusably awful UI. ssh
run from within cygwin can use private keys generated with ssh-keygen
as-is.
All you need to do is set up ssh access from the outside to any box on
your lan (not necessarily the myth backend) and then set up the tunnel
with:
ssh -L localhost:<any_port_number>:<lan_address_of_myth_backend>:80
user@<remote_ip>
...and you should just be able to browse to
localhost:<the_port_used_above>/mythweb
Tom
More information about the mythtv-users
mailing list