[mythtv-users] MINI HOWTO: Connection to mythweb using ssh

Christopher Flynn flynnguy at gmail.com
Tue Sep 28 09:22:31 EDT 2004


I don't know if there is any interest or not but I figured I would try
and start a trend here. I wrote up a mini howto on how to access
mythweb by using an ssh tunnel. This would be useful if you want to
use ssh from somewhere except you don't want the possibility of
someone finding your web server and attacking it.


MINI HOWTO: Connection to mythweb using ssh
author: Christopher Flynn
date: 9/28/04

I am going to briefly describe how to connect to mythweb that is
behind a firewall in a router. I will assume you have mythweb running.
If you need help with that please see the mythweb documentation:
http://www.mythtv.org/docs/ I will also assume that you know how to
forward ports on your router. This is different for each router so I
will not try and cover that here. You can consult the documentation
that came with your router for instructions on how to do that. You
will need to forward port 22 to the ipaddress that your computer with
mythtv is running. To find out the ipaddress type: ifconfig and look
for the following line:

inet addr:192.168.1.104 Bcast:192.168.1.255 Mask:255.255.255.0

It should be under the eth0 section. If you are running multiple
ethernet cards then it is up to you to figure out which section you
need. Your numbers may be different but you specifically need the
number that is where the number 192.168.1.104 is in my example above.

To connect you will need ssh. The version I am currently using is
OpenSSH 3.8.1p1. Most UNIX variants come with ssh and if they don't it
should be easy to get. For windows you can use cygwin, which emulates
a UNIX environment, or you can use an ssh program like PuTTY. If you
need to use windows on a daily basis I would recommend installing
cygwin because it has a lot of other UNIX tools other than just ssh.
If you are somewhere and don't want to install a lot of stuff, PuTTY
is a great solution because it is one .exe file so there is no
install, you just run it. First I will briefly cover ssh.

ssh stands for secure shell and is used most to connect to a remote
machine using encryption so no one can eavesdrop. To connect to a
remote machine is easy, just type:
ssh username at remotedomain

my username is cflynn and on my local network I want to connect to
192.168.1.104 (you can use the ip address instead of a domain name
like somewhere.com which you may not have) in this case I would type:
"ssh cflynn at 192.168.1.104" It will ask me if I want to accept the key
into my keychain the first time, say yes. It will then ask your for
you password. You are now connected to your remote computer and can do
pretty much whatever you could if you were connected to that computer.
Putty works similarly except when you run it you get a dialog box and
you just need to put the user at remotedomain line in the field for "Host
Name (or IP address)" but leave the Port number alone. (It should be
22)

Now this will let you do most things but it won't let you run X11
programs. For this you can give it the -X flag but I am not going to
go into that here since our main concern is mythweb.

To foward a port you need to use the -L option and it will look
something like this:
ssh -L <local port>:localhost:<remote port> user at remotedomain

The local port is what you connect your web browser to. The default
web port is port 80. If you are already running a web server on your
local computer you can specify another port here and then point your
web browser to that port. (examples to follow) the line localhost is
where the connection to your browser will happen, it should be your
computer. The default domain name is localhost but if that doesn't
work you can use the ip address 127.0.0.1 which is called a loopback
because it points to the computer you are on. The remote port is the
port on the remote computer that the web browser is running. This too
will most likely be port 80 but if you are running your web server on
a different port, then that gets specified here. user at remotedomain is
just like above.

Got all that? So an example would be:
ssh -L 80:localhost:80 cflynn at mydomain.com

This will prompt you for a password and it will seem like all you did
was ssh to your remote computer. Now open up your web browser and
point it to: http://localhost/mythweb/
(note: You need to keep the terminal window that you typed the ssh
command open or the ssh tunnel will close) Now if you don't have a
domain name, just use your WAN ipaddress. Usually you can find that
information from your router.

Now if you are running a web server on your local computer, you will
need to use a different port. In this case we'll use 8080 because it's
a nice number. In this case you would type:
ssh -L 8080:localhost:80 cflynn at mydomain.com

Notice the remote port stays the same. Now point your browser to the
new port: http://localhost:8080/mythweb/

To tunnel using PuTTY, in the connection dialog box go to
Connection->SSH->Tunnels and at the bottom for the source port is the
same as the <local port> above and the destination should be:
"localhost<remote port>. Also below that make sure local is selected.
Then click the add button. Remember, don't close the putty window or
your tunnel will close as well.

Well that's about it, if you have any questions or comments, please
reply to the mailing list so they get archived as well. If you think
these mini howtos are a good idea let it be known or even submit your
own! I don't know a whole lot about mythtv but I know a bit about
UNIX. Also if you think it's a bad idea let everyone know too. I
figure the mailing list is the best place for these because then they
will be accesible via the archives.


More information about the mythtv-users mailing list