I know you said you only want 443 open, but have you considered a port
knocker to only open up ssh when you need it?
-M

On Fri, Aug 7, 2009 at 9:44 AM, Shawn Badger <badger.shawn@gmail.com> wrote:

> As for the security on this, it is my intentions to first prevent browsing
> to the page. You will have to know the URL and then you get a password to
> connect to the page. Then this will be baked by iptalbes limiting who has
> access to get to that URL in the first place. I know this isn't 100%
> effective, but it should keep the kiddies at bay.
>
> BTW, this isn't going to be a public addressable site either.  I would not
> put something like this out and make it public accessible, that is just
> asking for being hacked.
>
>
>
>
> On Thu, Aug 6, 2009 at 4:54 PM, Lisa Kachold <lisakachold@obnosis.com>wrote:
>
>> I can offer my services to help you clean out the vermin later!
>>
>> If they can't protect OpenSSL based SSH, even with a layer of
>> IPTABLES, how are you going to protect a system suid process?
>>
>> Laugh <I agree with Ted here>.
>>
>> On 8/6/09, Stephen <cryptworks@gmail.com> wrote:
>> > also there is a wikepedia article if you google web ssh or jsut browse
>> > them, they appeared to have a few options.
>> >
>> > On Thu, Aug 6, 2009 at 4:31 PM, Shawn Badger<badger.shawn@gmail.com>
>> wrote:
>> >> That is more like what I ma looking for.
>> >>
>> >>
>> >> On Thu, Aug 6, 2009 at 4:19 PM, David Huerta <huertanix@gmail.com>
>> wrote:
>> >>>
>> >>> On Thu, Aug 6, 2009 at 4:04 PM, Shawn Badger<badger.shawn@gmail.com>
>> >>> wrote:
>> >>> > Does any on the list know of a good web based ssh client?
>> >>> > I would prefer it to run on my own system as opposed to going though
>> >>> > one
>> >>> > that I don't have control over.
>> >>> > It would also be nice if it was able to pass x-windows as well all
>> >>> > though
>> >>> > that isn't a requirement.
>> >>> >
>> >>>
>> >>> This won't do X11 forwarding, but for general command line usage, this
>> >>> AJAX web app seems to work: http://anyterm.org/
>> >>>
>> >>> --
>> >>> [.dh]
>> >>> ---------------------------------------------------
>> >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> >>> To subscribe, unsubscribe, or to change your mail settings:
>> >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>> >>
>> >>
>> >> ---------------------------------------------------
>> >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> >> To subscribe, unsubscribe, or to change your mail settings:
>> >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>> >>
>> >
>> >
>> >
>> > --
>> > A mouse trap, placed on top of your alarm clock, will prevent you from
>> > rolling over and going back to sleep after you hit the snooze button.
>> >
>> > Stephen
>> > ---------------------------------------------------
>> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> > To subscribe, unsubscribe, or to change your mail settings:
>> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>> >
>>
>>
>> --
>> http://linuxgazette.net/165/kachold.html
>> (623)239-3392
>> (503)754-4452 www.obnosis.com
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>