Author |
Message |
IVRgeek
|
Posted: Fri Mar 24, 2006 6:54 pm |
|
Joined: Sat Feb 04, 2006 8:48 pm
Posts: 7
|
Started fresh with R5B7 and can't seem to log onto Mythweb with configured mythtv username and password. Was working on B32.
Have followed the Wiki, the posts I've read on here (noob, etc.), and various Google posts.
Am I supposed to be using the htdigest now? How exactly am I to config httpd.conf under /etc/apache/httpd.conf ? could someone show me a before and after?
I've made:
#
Port 8050
and that seems to work for getting the main page with:
MythWeb:
avimanager
MythTVdocs:
MythTVkeys:
But when I click on Mythweb and input the configured username and password, nothing.
So, when I log into Mythweb http://192.168.0.101:8050 I get the front page. Clicking on MythWeb, and input username and password as following directions on Wiki, the request popup for username and password keeps coming back, and I get nowhere.
I found the script ToggleWebSecurity.sh, and so tried with -myweb, but didn't work. So tried -all, and I'm in. I want this secure. What am I missing?
|
|
Top |
|
|
ryanpatterson
|
Posted: Sat Mar 25, 2006 10:40 am |
|
Joined: Fri Aug 26, 2005 9:54 pm
Posts: 617
|
R5B7 uses digest passwords for mythweb. Not all browsers are 100% compatable with digest passwords. Also the version of apache in R5B7 does not agree with Internet Explorer conserning digest passwords. I'm not sure which one is "broken". In short try using firefox to contact mythweb.
|
|
Top |
|
|
IVRgeek
|
Posted: Sat Mar 25, 2006 12:14 pm |
|
Joined: Sat Feb 04, 2006 8:48 pm
Posts: 7
|
I am using Firefox.
Could you post an example of a before and after config file?
|
|
Top |
|
|
ryanpatterson
|
Posted: Sat Mar 25, 2006 12:51 pm |
|
Joined: Fri Aug 26, 2005 9:54 pm
Posts: 617
|
IVRgeek wrote: I am using Firefox.
Could you post an example of a before and after config file?
Everything should be already set when you install knoppmyth. Your .htaccess file(s) should have:
Code: AuthType Digest AuthName "MythTV" AuthDigestFile /var/www/htdigest Require valid-user
And the file /var/www/htdigest should be created using the "htdigest" program.
What error is listed in /var/log/apache/access.log?
|
|
Top |
|
|
IVRgeek
|
Posted: Sun Mar 26, 2006 2:46 pm |
|
Joined: Sat Feb 04, 2006 8:48 pm
Posts: 7
|
Okay. Here is the apache access log with some of the pub IPs edited out. Also at the bottom you will notice I was using a different browser.
192.168.0.100 - - [24/Mar/2006:16:38:14 -0800] "GET /mythweb/tv/channel?chanid=1 042&time=1143273600 HTTP/1.1" 200 5435 "http://192.168.0.101:8050/mythweb/tv/cha nnel/1042/1143246600" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3" "-"
192.168.0.100 - - [24/Mar/2006:16:41:27 -0800] "GET /mythweb/tv/channel/1042/114 3246600 HTTP/1.1" 200 5384 "http://192.168.0.101:8050/mythweb/tv/list" "Mozilla/ 5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3" "-"
192.168.0.100 - - [24/Mar/2006:16:46:22 -0800] "GET /mythweb/mythweb.php HTTP/1. 1" 401 481 "http://192.168.0.101:8050/" "Mozilla/5.0 (Windows; U; Windows NT 5.1 ; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3" "-"
192.168.0.100 - mythtv [24/Mar/2006:16:46:26 -0800] "GET /mythweb/mythweb.php HT TP/1.1" 401 481 "http://192.168.0.101:8050/" "Mozilla/5.0 (Windows; U; Windows N T 5.1; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3" "-"
192.168.0.100 - mythtv [24/Mar/2006:16:46:30 -0800] "GET /mythweb/mythweb.php HT TP/1.1" 401 481 "http://192.168.0.101:8050/" "Mozilla/5.0 (Windows; U; Windows N T 5.1; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3" "-"
192.168.0.100 - - [24/Mar/2006:16:59:05 -0800] "GET /mythweb/mythweb.php HTTP/1. 1" 401 481 "http://192.168.0.101:8050/" "Mozilla/5.0 (Windows; U; Windows NT 5.1 ; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3" "-"
192.168.0.100 - root [24/Mar/2006:16:59:08 -0800] "GET /mythweb/mythweb.php HTTP /1.1" 401 481 "http://192.168.0.101:8050/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3" "-"
192.168.0.100 - www-data [24/Mar/2006:16:59:14 -0800] "GET /mythweb/mythweb.php HTTP/1.1" 401 481 "http://192.168.0.101:8050/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3" "-"
xx.18x.245.235 - - [26/Mar/2006:11:55:36 -0800] "GET / HTTP/1.1" 200 987 "-" "Mo zilla/5.0 (X11; U; Linux i686; en-US; rv:1.7. Gecko/20050927 Debian/1.7.8-1sar ge3" "-"
xxxx.xxxx.xxxx.xxxx - - [26/Mar/2006:11:55:42 -0800] "GET /mythweb/mythweb.php HTTP/1 .1" 401 482 "http://xxx.250.150.30:8050/" "Mozilla/5.0 (X11; U; Linux i686; en-U S; rv:1.7. Gecko/20050927 Debian/1.7.8-1sarge3" "-"
|
|
Top |
|
|
ryanpatterson
|
Posted: Sun Mar 26, 2006 4:41 pm |
|
Joined: Fri Aug 26, 2005 9:54 pm
Posts: 617
|
Humm nothing weird there. I guess I should have asked you to post some of error.log also.
|
|
Top |
|
|
myth19kirt
|
Posted: Sun Mar 26, 2006 10:31 pm |
|
Joined: Fri Mar 24, 2006 10:35 pm
Posts: 89
Location:
Detroit, MI
|
Hi. Newbie here. I thought about this problem before. What quickly came to me was to add a DNS entry on all of my machines instead of using an IP. like MyMyth = 192.168.1.12 within my LAN and offsite MyMyth = 66.47.9.257 or whatever my ISP provides for me.
Remember having to change LOCALHOST in the original install.
Also do you need to be able to get to MySql database or does MythWeb handle that?
Just my thoughts.
|
|
Top |
|
|
IVRgeek
|
Posted: Mon Mar 27, 2006 8:51 am |
|
Joined: Sat Feb 04, 2006 8:48 pm
Posts: 7
|
[Fri Mar 24 16:59:14 2006] [error] [client 192.168.0.100] Digest: user `www-data' in realm `MythTV' not found: /mythweb/mythw
eb.php
[Fri Mar 24 17:00:30 2006] [notice] caught SIGTERM, shutting down
[Sun Mar 26 11:35:18 2006] [notice] Apache/1.3.33 (Debian GNU/Linux) mod_auth_pam/1.1.1 mod_gzip/1.3.26.1a PHP/4.3.4 configur
ed -- resuming normal operations
[Sun Mar 26 11:35:18 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Sun Mar 26 11:55:47 2006] [error] [client xx.180.245.235] Digest: user mythtv: password mismatch: /mythweb/mythweb.php
[Sun Mar 26 12:35:37 2006] [error] [client xx.180.245.235] Digest: user mythtv: password mismatch: /mythweb/mythweb.php
[Sun Mar 26 12:35:54 2006] [error] [client xx.180.245.235] Digest: user mythtv: password mismatch: /mythweb/mythweb.php
[Sun Mar 26 12:39:45 2006] [notice] SIGHUP received. Attempting to restart
[Sun Mar 26 12:39:45 2006] [crit] (99)Cannot assign requested address: make_sock: could not bind to address xx.250.150.30 po
rt 8050
[Sun Mar 26 12:41:32 2006] [warn] pid file /var/run/apache.pid overwritten -- Unclean shutdown of previous Apache run?
[Sun Mar 26 12:41:32 2006] [notice] Apache/1.3.33 (Debian GNU/Linux) mod_auth_pam/1.1.1 mod_gzip/1.3.26.1a PHP/4.3.4 configur
ed -- resuming normal operations
[Sun Mar 26 12:41:32 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Sun Mar 26 12:41:47 2006] [notice] caught SIGTERM, shutting down
[Sun Mar 26 12:42:47 2006] [notice] Apache/1.3.33 (Debian GNU/Linux) mod_auth_pam/1.1.1 mod_gzip/1.3.26.1a PHP/4.3.4 configur
ed -- resuming normal operations
[Sun Mar 26 12:42:47 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Sun Mar 26 13:01:30 2006] [notice] SIGHUP received. Attempting to restart
[Sun Mar 26 13:01:30 2006] [notice] Apache/1.3.33 (Debian GNU/Linux) mod_auth_pam/1.1.1 mod_gzip/1.3.26.1a PHP/4.3.4 configur
ed -- resuming normal operations
[Sun Mar 26 13:01:30 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Sun Mar 26 13:01:51 2006] [error] [client xx.180.245.235] Digest: user mythtv: password mismatch: /mythweb/mythweb.php
[Sun Mar 26 13:01:58 2006] [error] [client xx.180.245.235] Digest: user mythtv: password mismatch: /mythweb/mythweb.php
[Sun Mar 26 13:02:29 2006] [error] [client xx.180.245.235] Digest: user `MythTV' in realm `MythTV' not found: /mythweb/mythwe
b.php
[Sun Mar 26 13:02:33 2006] [error] [client xx.180.245.235] Digest: user mythtv: password mismatch: /mythweb/mythweb.php
[Sun Mar 26 13:02:50 2006] [error] [client xx.180.245.235] Digest: user mythtv: password mismatch: /mythtv-doc/mythtv-HOWTO.h
tml
[Sun Mar 26 13:05:35 2006] [notice] caught SIGTERM, shutting down
[Mon Mar 27 06:26:16 2006] [notice] Apache/1.3.33 (Debian GNU/Linux) mod_auth_pam/1.1.1 mod_gzip/1.3.26.1a PHP/4.3.4 configur
ed -- resuming normal operations
[Mon Mar 27 06:26:16 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)
|
|
Top |
|
|
ryanpatterson
|
Posted: Tue Mar 28, 2006 6:49 am |
|
Joined: Fri Aug 26, 2005 9:54 pm
Posts: 617
|
IVRgeek wrote: [Sun Mar 26 11:55:47 2006] [error] [client xx.180.245.235] Digest: user mythtv: password mismatch: /mythweb/mythweb.php
Well it is pretty clear that apache thinks you are typing the wrong password.
Have you tried recreating the /var/www/htdigest file?
Use the program htdigest to do so.
Also you do have "AuthType Digest" in your .htaccess file, right? If you put "AuthType Basic" it wont work.
|
|
Top |
|
|
IVRgeek
|
Posted: Tue Mar 28, 2006 8:46 am |
|
Joined: Sat Feb 04, 2006 8:48 pm
Posts: 7
|
It's working now. Thanks for the help.
First of all, the WIKIs don't seem to apply to R5B7 regarding basicauth, etc.
The only way to get it to work (and after a lot of mucking around: Maybe it would have worked right off the bat if I hadn't followed the "How to secure MythWeb" wiki and other helpful Googled info) was to use
htdigest -c /var/www/htdigest MythTV mythtv
Usage: htdigest [-c] passwordfile realm username
The -c flag creates a new file.
Also, with all the mucking--mostly in /etc/apache/httpd.conf, this is what I ended up with.
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride All
# Force a password
# AuthType Basic
# AuthName "BasicAuth"
# AuthUserFile /etc/apache/basicauth
# Require valid-user
AuthType Digest
AuthName "MythTV"
AuthDigestFile /var/www/htdigest
Require valid-user
Fun stuff, eh, Bambi?[/code]
|
|
Top |
|
|
ceenvee703
|
Posted: Tue Mar 28, 2006 10:12 am |
|
Joined: Fri Apr 02, 2004 10:08 am
Posts: 1637
Location:
Virginia, USA
|
IVRgeek: it would be great to take what you've learned and put it at the top of the wiki page with a note that it applies to R5B7.
|
|
Top |
|
|
rteichman
|
Posted: Tue Mar 28, 2006 2:24 pm |
|
Joined: Wed Feb 02, 2005 4:07 pm
Posts: 141
|
Its seems the install does the httpd.conf work and sets up the mythtv account using the mythtv password entered.
NOW, can I delete the htdigest user list and start over without affecting ANYTHING else? I don't want "mythtv" to be a useable ID for mythweb. I want to use that account and its password "internally" but I want a more secure ID/password for mythweb.
|
|
Top |
|
|
ryanpatterson
|
Posted: Wed Mar 29, 2006 7:17 am |
|
Joined: Fri Aug 26, 2005 9:54 pm
Posts: 617
|
rteichman wrote: Its seems the install does the httpd.conf work and sets up the mythtv account using the mythtv password entered.
NOW, can I delete the htdigest user list and start over without affecting ANYTHING else? I don't want "mythtv" to be a useable ID for mythweb. I want to use that account and its password "internally" but I want a more secure ID/password for mythweb.
Go ahead and change the /var/www/htdigest file all you want. It will only affect the login for mythweb. You can add as many username/passwords as you like. One for each member of the family, or one for each day of the week, etc.
The Knoppmyth install prompts you for a password to secure mythweb durring the install. It does not use the system password for the mythtv user. (accepting of corse you typing in the identical password) The instructions on the wiki are outdated. Mythweb is secured by default now.
Last edited by ryanpatterson on Wed Mar 29, 2006 2:36 pm, edited 1 time in total.
|
|
Top |
|
|
rteichman
|
Posted: Wed Mar 29, 2006 8:00 am |
|
Joined: Wed Feb 02, 2005 4:07 pm
Posts: 141
|
ryanpatterson wrote: Go ahead and change the /var/www/htdigest file all you want. It will only affect the login for mythweb. .....It does not use the system password for the mythtv user.
Thanks. I use the mythtv password "in house" for SAMBA connections and thus want it fairly insecure (hate typing in long passwords ) but for mythweb which is open to the entire internet I want a more secure password.
|
|
Top |
|
|
dirknet2
|
Posted: Thu Apr 06, 2006 2:37 am |
|
Joined: Thu Apr 06, 2006 1:47 am
Posts: 1
|
yet another "gem post" ! \
Thanks mates, i reached the point that i understood to run htdigest, but changing the httpd.conf I didnt find yet... cheers matey !
|
|
Top |
|
|