SSL

[der.hans]

Am 25. Jun, 2000 schwäzte Don Harrop so:

> I've been playing with a program called webmin for a couple of months now

webmin's actually pretty cool.

> but I haven't been using it on a production machine because of security

Make it avaialble only to localhost, then use ssh and lynx.

> reasons.  It now supports SSL so I've been playing with that a little more
> too.  I've used mainly RPM distrobutions to install openSSL and openSSH but
> I couldn't get another component called Net::SSLeay installed with those

Net::SSLeay is probably the perl module. Your dist should have RPMs for
the various perl libs.

What dist are you using? Maybe someone can tell you what to search for.

> RPM'ed versions.  I got the .tar.gz files and compiled them.  I've got
> webmin working through SSL too but it pop's up with a security warning about
> the name of the security certificate not matching the name of the site.  I
> don't want to go out and buy a certificate.  Can't I generate my own?  Also

Yes. It'll work if you trust yourself :). Anybody else who would use it
would also have to set their browsers to trust your certificate
authority. Hopefully that shouldn't be too many people for webmin :).

> the openSSH that I compiled won't run the sshd daemon.  It complains that it
> can't find a file called ssh_host_key.  Am I supposed to generate this key?

Yup. See the SSH links off http://home.pages.de/~lufthans/unix/ for more
info in setting up SSH. The how to get started has what you're looking
for.

ciao,

der.hans
-- 
#  der.hans@LuftHans.com   home.pages.de/~lufthans/   www.Opnix.com
# It's up to the reader to make the book interesting.
# An author has only the opportunity to make it uninteresting. - der.hans