[mythtv-users] Securing mythweb
Kenneth Emerson
kenneth.emerson at gmail.com
Tue Feb 9 20:20:23 UTC 2010
On Tue, Feb 9, 2010 at 1:54 PM, Ian Oliver <lists at foxhill.co.uk> wrote:
> In article
> <d38b16d81002090735s5ee966bah7b714f1b179b24fc at mail.gmail.com>, Marc
> Randolph wrote:
> > If this is just for use within your 192.168.1.x network, all you
> > should need to do is:
>
> I want no password internally but also to be able to access it from
> work, parents, etc.
>
> Ian
>
> Honestly, I have to concur with Travis. Using an open source terminal
> program like putty, it is pretty easy to tell it to tunnel a port into your
> mythtv box (e.g. -L9000:127.0.0.1:80 which will tunnel port 9000 on your
> remote PC to the standard web port 80 on your mythtv computer). I would
> definitely recommend using an RSA key pair with a pass phrase (put the
> private key on a USB thumb drive and carry around with you or install it
> permanently on the remote PCs you will be using). Disable userID logins
> (will always require the RSA key). You'll need to set your firewall (mythtv
> box and router) to pass the ssh port (22) through. All of these steps are
> easy to find HOWTOs on the web. This is a very secure method to protect
> yourself and once it is setup you just have to log in through putty then
> launch your browser with the URL of http://127.0.0.1:9000/mythweb or where
> ever your mythweb is located.
>
Once you open up port 22 on your mythtv box to the internet, it will be hit
by computers trying to hack into it (check out logwatch to find out). If
you leave userID logins enabled, odds are you will eventually get hacked.
-- Ken E.
>
> _______________________________________________
> mythtv-users mailing list
> mythtv-users at mythtv.org
> http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mythtv.org/pipermail/mythtv-users/attachments/20100209/8c570be9/attachment.htm>
More information about the mythtv-users
mailing list