
Re: [cobalt-security] SSH Tunneling - Cheap client to use?



At 06:17 PM 8/19/01 +0200, Michael Stauber wrote:
>errrr ... why aren't you switching the entire Cobalt Admin GUI over to HTTPS?
>That would serve the same purpose and would secure it for all your clients.
>
>All you need to do is to generate a self signed SSL certificate for your
>primary site. Once that's done and once the admin server detects the presence
>of this particular SSL certificate, it'll use it to switch the entire admin
>interface over to HTTPS.

You're right, that would encrypt the session.  I believe Brandon is trying
to use SSH's strong authentication as another layer of security.  If he
binds the administrative Apache daemon to only localhost, he also avoids
blatant advertising that he's running a Cobalt.

I suggested using SSH tunnelling for the admin Web server in a previous
post, although he may have gotten the idea from somewhere else.

--------------------------------------------------------------------------
Ted Behling, Web Application Developer - Monarch Information Systems, Inc.

43 Folly Field Road, Unit 4, Hilton Head Island, SC 29928-5434
E-mail: mailto:TBehling@xxxxxxxxxxxxx
Phone/Fax: 1-800-842-7894    Local or Outside the USA: 1-843-842-7894
Cell Phone (urgent issues): 843-816-7895
Cell Phone E-mail: mailto:TedPhone@xxxxxxxxxxxxx (116 letter limit)
Web site: http://www.MonarchIS.net
--------------------------------------------------------------------------
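
Added example, not part of the original message: one way to verify the localhost-only binding discussed above. It reads `ss -ltn`-style output and reports whether the admin port has any listener outside loopback. Port 81, the host name and the tunnel ports in the comment are assumptions, and the socket listings are constructed samples.

```shell
#!/bin/sh
# With the admin daemon bound to loopback, the GUI is reached through a tunnel:
#   ssh -L 8081:127.0.0.1:81 admin@server.example   (hypothetical host/ports)
# This check confirms the binding from listening-socket lines (`ss -ltn` format).

# loopback_only PORT  (reads socket lines on stdin)
# Prints a verdict per listener on PORT. Returns 0 if every listener is bound
# to loopback, 1 if any is reachable from other interfaces, 2 if none found.
loopback_only() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, parts, ":")            # column 4 = local addr:port
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            found = 1
            if (addr ~ /^127\./ || addr == "[::1]") {
                print "ok       " $4
            } else {
                print "EXPOSED  " $4             # 0.0.0.0, *, [::], public IP
                exposed = 1
            }
        }
        END { if (!found) exit 2; exit (exposed ? 1 : 0) }
    '
}

# Constructed sample: admin daemon bound to loopback only, sshd public.
sample_hardened() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:81       0.0.0.0:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    [::]:22            [::]:*
EOF
}

# Constructed sample: admin daemon listening on every interface.
sample_exposed() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:81         0.0.0.0:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
EOF
}

sample_hardened | loopback_only 81
```

On a live host, feed it real data with `ss -ltn | loopback_only 81`.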