View unanswered posts    View active topics

All times are UTC - 6 hours





Post new topic Reply to topic  [ 5 posts ] 
Print view Previous topic   Next topic  
Author Message
Search for:
PostPosted: Wed Jul 26, 2006 8:17 pm 
Offline
Joined: Sun Sep 25, 2005 3:50 pm
Posts: 1013
Location: Los Angeles
Hi all,
Like my last post i was going to put this on the wiki, but thought I'd post it here first to see if anyone finds any misteeks. :)

---

How To Access Your MythWeb Page More Securely with SSH

Now that you have Public-Key Encription enabled on your SSH connection to your MythTV box, wouldn't it be nice to access MythWeb remotely without exposing port 80 of your MythTV box to the world? I thought so too. Here's how I did it.

Building a SSH Tunnel . . . It's cheaper than Boston's "Big Dig" and easier than you think!

Again, you'll need PuTTY to do do this.

- Crank up PuTTY on your Windows box and load your SSH settings, but don't press open...yet.

- Under SSH in the tree on the left, select Tunnels.

- Under Add New Forwarded Port enter:
Code:
Source port: 80
Destination: Internal_LAN_IP_Address_of_MythTV_Box:80

For example:
Code:
Source port: 80
Destination: 192.168.105.7:80

Where 192.168.105.7 is the internal LAN IP address of my MythTV box on my home network. BTW, it helps if you've configured a static IP address for your MythTV box. You'll always know where it is. Ensure Local and Auto radio buttons are selected under destination.
Press Add

(As a post-script to this step... If you enter the IP Address (or the host name of your DNS service) to your internet connection at home (WAN - the IP address your ISP assigned to your connection at home) instead of your internal LAN IP address of your MythTV box, you'll get to the setup page of your router. It can come in handy if you ever need to remotely configure your router.)

- In the SSH tree on the left, select Session.
In the saved session box, give it a new name. (i.e. SSH-HTTP tunnel) and press Save

- Press Open. Your SSH terminal window will open. Enter your mythtv username and the passphrase. (You didn't leave the passphrase blank when you set up the Public-Key Encription, did you?)
Minimize the terminal window.

- Fire up Firefox (or another web browser of your choice). In the address bar, type
Code:
http://localhost/mythweb/

You should be presented with your MythWeb page! To kill the tunnel, pull up the terminal you minimized and type exit.

You can use a tunnel to do lots-o-things, this is just one example that I thought would be practical to many MythTV users.

Resources: http://www.cyberknights.com.au/doc/PuTTY-tunnelling-HOWTO.html
http://souptonuts.sourceforge.net/sshtips.htm

_________________
Mike
My Hardware Profile


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jul 28, 2006 7:07 am 
Offline
Joined: Tue Apr 13, 2004 6:51 pm
Posts: 890
Location: Groton, MA
YOU ARE THE MAN!!!

I have switch jobs over the past couple months. The firewall admin at the new job is very restrictive. I am restricted on outbound....OUTBOUND requests to http on 80, https on 443 and ssh on 22.

I had to move my webserver from 8080 to 80. Admin guy said "No corp firewall allows internal users to access a webserver on a non 80 port" news to me.

While I could easily move my webserver, I had no port to then access the feed from my MythStreamTV and MythStreamTVLive streams.

You, my friend, have solved this. I am currently streaming live though a SSH tunnel. VERY cool.

I did need to install the vlc client as WMP griped about a corrupt stream...maybe the WMP version, who knows.

Lots of technology...

Code:
XP -> vlc client -> putty -> (ssh tunnel) -> SSHD -> vlc server -> pvr250

_________________
R5F1 - Dell P4 2.4Ghz 500MB - PVR250 x 2 - GeForce FX 5200 - Onboard sound/NIC 80GB ATA/250GB ATA/400GB SATA


Top
 Profile  
 
 Post subject:
PostPosted: Fri Jul 28, 2006 9:05 am 
Offline
Joined: Sun Sep 25, 2005 3:50 pm
Posts: 1013
Location: Los Angeles
I'm very pleased that this is working for you. It feels great to give something back to the community! :D

I was able to successfully get Webmin running thru the tunnel and now I see you can even stream live tv?! Wow. It's more powerful than I imagined! 8)

_________________
Mike
My Hardware Profile


Top
 Profile  
 
 Post subject:
PostPosted: Mon Jul 31, 2006 11:47 am 
Offline
Joined: Sun Sep 25, 2005 3:50 pm
Posts: 1013
Location: Los Angeles
This HowTo was added to the KnoppMyth Wiki. If you have any changes/additions to this information, please do it on the Wiki.

http://www.knoppmythwiki.org/index.php?page=AccessMythWebSecurelyWithSSHandPuTTY

_________________
Mike
My Hardware Profile


Top
 Profile  
 
 Post subject:
PostPosted: Sat Aug 09, 2008 3:29 am 
Offline
Joined: Wed Dec 10, 2003 8:31 pm
Posts: 1996
Location: /dev/null
Great post dude. Saves me from locking down mythweb. Here is a template for putty. Simply copy/paste into a fresh text file under Windows, save the text file as "putty.reg" or something that ends in .reg, then double-click it to add it to your putty. From there, simply load the profile, enter the IP to your mythbox and save it.

As the above states, once you connect via this, simply type the following into your browser:

http://localhost:10080

That should trigger the secure tunnel from the mythbox to your win box.

Code:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions\session_with_http_tunnel]
"Present"=dword:00000001
"HostName"="IP_OF_BOX"
"LogFileName"="putty.log"
"LogType"=dword:00000000
"LogFileClash"=dword:ffffffff
"LogFlush"=dword:00000001
"SSHLogOmitPasswords"=dword:00000001
"SSHLogOmitData"=dword:00000000
"Protocol"="ssh"
"PortNumber"=dword:00000016
"CloseOnExit"=dword:00000001
"WarnOnClose"=dword:00000001
"PingInterval"=dword:00000000
"PingIntervalSecs"=dword:00000000
"TCPNoDelay"=dword:00000001
"TCPKeepalives"=dword:00000000
"TerminalType"="xterm"
"TerminalSpeed"="38400,38400"
"TerminalModes"="INTR=A,QUIT=A,ERASE=A,KILL=A,EOF=A,EOL=A,EOL2=A,START=A,STOP=A,SUSP=A,DSUSP=A,REPRINT=A,WERASE=A,LNEXT=A,FLUSH=A,SWTCH=A,STATUS=A,DISCARD=A,IGNPAR=A,PARMRK=A,INPCK=A,ISTRIP=A,INLCR=A,IGNCR=A,ICRNL=A,IUCLC=A,IXON=A,IXANY=A,IXOFF=A,IMAXBEL=A,ISIG=A,ICANON=A,XCASE=A,ECHO=A,ECHOE=A,ECHOK=A,ECHONL=A,NOFLSH=A,TOSTOP=A,IEXTEN=A,ECHOCTL=A,ECHOKE=A,PENDIN=A,OPOST=A,OLCUC=A,ONLCR=A,OCRNL=A,ONOCR=A,ONLRET=A,CS7=A,CS8=A,PARENB=A,PARODD=A,"
"AddressFamily"=dword:00000000
"ProxyExcludeList"=""
"ProxyDNS"=dword:00000001
"ProxyLocalhost"=dword:00000000
"ProxyMethod"=dword:00000000
"ProxyHost"="proxy"
"ProxyPort"=dword:00000050
"ProxyUsername"=""
"ProxyPassword"=""
"ProxyTelnetCommand"="connect %host %port\\n"
"Environment"=""
"UserName"=""
"LocalUserName"=""
"NoPTY"=dword:00000000
"Compression"=dword:00000000
"TryAgent"=dword:00000001
"AgentFwd"=dword:00000000
"ChangeUsername"=dword:00000000
"Cipher"="aes,blowfish,3des,WARN,des,arcfour"
"KEX"="dh-gex-sha1,dh-group14-sha1,dh-group1-sha1,WARN"
"RekeyTime"=dword:0000003c
"RekeyBytes"="1G"
"SshNoAuth"=dword:00000000
"AuthTIS"=dword:00000000
"AuthKI"=dword:00000001
"SshNoShell"=dword:00000000
"SshProt"=dword:00000002
"SSH2DES"=dword:00000000
"PublicKeyFile"=""
"RemoteCommand"=""
"RFCEnviron"=dword:00000000
"PassiveTelnet"=dword:00000000
"BackspaceIsDelete"=dword:00000001
"RXVTHomeEnd"=dword:00000000
"LinuxFunctionKeys"=dword:00000000
"NoApplicationKeys"=dword:00000000
"NoApplicationCursors"=dword:00000000
"NoMouseReporting"=dword:00000000
"NoRemoteResize"=dword:00000000
"NoAltScreen"=dword:00000000
"NoRemoteWinTitle"=dword:00000000
"RemoteQTitleAction"=dword:00000001
"NoDBackspace"=dword:00000000
"NoRemoteCharset"=dword:00000000
"ApplicationCursorKeys"=dword:00000000
"ApplicationKeypad"=dword:00000000
"NetHackKeypad"=dword:00000000
"AltF4"=dword:00000001
"AltSpace"=dword:00000000
"AltOnly"=dword:00000000
"ComposeKey"=dword:00000000
"CtrlAltKeys"=dword:00000001
"TelnetKey"=dword:00000000
"TelnetRet"=dword:00000001
"LocalEcho"=dword:00000002
"LocalEdit"=dword:00000002
"Answerback"="PuTTY"
"AlwaysOnTop"=dword:00000000
"FullScreenOnAltEnter"=dword:00000000
"HideMousePtr"=dword:00000000
"SunkenEdge"=dword:00000000
"WindowBorder"=dword:00000001
"CurType"=dword:00000000
"BlinkCur"=dword:00000000
"Beep"=dword:00000001
"BeepInd"=dword:00000000
"BellWaveFile"=""
"BellOverload"=dword:00000001
"BellOverloadN"=dword:00000005
"BellOverloadT"=dword:000007d0
"BellOverloadS"=dword:00001388
"ScrollbackLines"=dword:000000c8
"DECOriginMode"=dword:00000000
"AutoWrapMode"=dword:00000001
"LFImpliesCR"=dword:00000000
"DisableArabicShaping"=dword:00000000
"DisableBidi"=dword:00000000
"WinNameAlways"=dword:00000001
"WinTitle"=""
"TermWidth"=dword:00000050
"TermHeight"=dword:00000018
"Font"="Fixedsys"
"FontIsBold"=dword:00000000
"FontCharSet"=dword:00000000
"FontHeight"=dword:00000009
"FontQuality"=dword:00000000
"FontVTMode"=dword:00000004
"UseSystemColours"=dword:00000000
"TryPalette"=dword:00000000
"ANSIColour"=dword:00000001
"Xterm256Colour"=dword:00000001
"BoldAsColour"=dword:00000001
"Colour0"="255,255,255"
"Colour1"="255,255,255"
"Colour2"="47,0,41"
"Colour3"="85,85,85"
"Colour4"="0,0,0"
"Colour5"="0,255,0"
"Colour6"="77,77,77"
"Colour7"="85,85,85"
"Colour8"="187,0,0"
"Colour9"="255,85,85"
"Colour10"="152,251,152"
"Colour11"="85,255,85"
"Colour12"="240,230,140"
"Colour13"="255,255,85"
"Colour14"="205,133,63"
"Colour15"="135,206,235"
"Colour16"="255,222,173"
"Colour17"="255,85,255"
"Colour18"="255,160,160"
"Colour19"="255,215,0"
"Colour20"="245,222,179"
"Colour21"="255,255,255"
"RawCNP"=dword:00000000
"PasteRTF"=dword:00000000
"MouseIsXterm"=dword:00000000
"RectSelect"=dword:00000000
"MouseOverride"=dword:00000001
"Wordness0"="0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0"
"Wordness32"="0,1,2,1,1,1,1,1,1,1,1,1,1,2,2,2,2,2,2,2,2,2,2,2,2,2,1,1,1,1,1,1"
"Wordness64"="1,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,1,1,1,1,2"
"Wordness96"="1,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,1,1,1,1,1"
"Wordness128"="1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1"
"Wordness160"="1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1"
"Wordness192"="2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,1,2,2,2,2,2,2,2,2"
"Wordness224"="2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,1,2,2,2,2,2,2,2,2"
"LineCodePage"="ISO-8859-1:1998 (Latin-1, West Europe)"
"CJKAmbigWide"=dword:00000000
"UTF8Override"=dword:00000001
"Printer"=""
"CapsLockCyr"=dword:00000000
"ScrollBar"=dword:00000001
"ScrollBarFullScreen"=dword:00000000
"ScrollOnKey"=dword:00000000
"ScrollOnDisp"=dword:00000001
"EraseToScrollback"=dword:00000001
"LockSize"=dword:00000000
"BCE"=dword:00000001
"BlinkText"=dword:00000000
"X11Forward"=dword:00000001
"X11Display"=""
"X11AuthType"=dword:00000001
"LocalPortAcceptAll"=dword:00000001
"RemotePortAcceptAll"=dword:00000000
"PortForwardings"="L10080=localhost:80,"
"BugIgnore1"=dword:00000000
"BugPlainPW1"=dword:00000000
"BugRSA1"=dword:00000000
"BugHMAC2"=dword:00000000
"BugDeriveKey2"=dword:00000000
"BugRSAPad2"=dword:00000000
"BugPKSessID2"=dword:00000000
"BugRekey2"=dword:00000000
"StampUtmp"=dword:00000001
"LoginShell"=dword:00000001
"ScrollbarOnLeft"=dword:00000000
"BoldFont"=""
"BoldFontIsBold"=dword:0040bd58
"BoldFontCharSet"=dword:00468334
"BoldFontHeight"=dword:0012ffb0
"WideFont"=""
"WideFontIsBold"=dword:c1b51467
"WideFontCharSet"=dword:0040bd58
"WideFontHeight"=dword:0012ea24
"WideBoldFont"=""
"WideBoldFontIsBold"=dword:00000000
"WideBoldFontCharSet"=dword:c1b51467
"WideBoldFontHeight"=dword:0000000a
"ShadowBold"=dword:00000000
"ShadowBoldOffset"=dword:00000001
"SerialLine"="COM1"
"SerialSpeed"=dword:00002580
"SerialDataBits"=dword:00000008
"SerialStopHalfbits"=dword:00000002
"SerialParity"=dword:00000000
"SerialFlowControl"=dword:00000001

_________________
Retired KM user (R4 - R6.04); friend to LH users.


Top
 Profile  
 

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 5 posts ] 


All times are UTC - 6 hours




Who is online

Users browsing this forum: No registered users and 18 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group

Theme Created By ceyhansuyu