View unanswered posts    View active topics

Board index KnoppMyth General

All times are UTC - 6 hours





Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 
Print view Previous topic   Next topic  
Author Message
Search for:
es4PM
PostPosted: Mon Oct 29, 2007 10:59 am 
Offline
Joined: Fri Oct 27, 2006 4:28 am
Posts: 17
Hi,

I'm decided to run iFolder server on my KnoppMyth R5F27.
Is it secure to use howto made to Debian Sarge:
http://www.ifolder.com/index.php/HowTo:_Building_iFolder_Server_On_Debian_Sarge
although R5F27 is based on Debian Sid?

I'm also going to follow these:
http://www.mysettopbox.tv/phpBB2/viewtopic.php?t=15796
instruction to set up https and open the https port to the internet (so iFolder would also running via https). I would rather not use ssh tunneling because not every computer has ssh-client installed.

I'm connected to internet via D-Link DI-524
http://www.dlink.co.uk/?go=gNTyP9CgrdFOIC4AStFCF834mptYKO9ZTdvhLPG3yV3oVYx+g6ltbNlwaaFp6DQoHDrqzi9F/YoBB9k=.
It has only NAT firewall. I'm just forwarding https port to my htpc. Is this safe enough?

Thanks in advance.

- es4PM
Top
 Profile  
 
alien
 Post subject:
PostPosted: Mon Nov 12, 2007 2:02 am 
Offline
Joined: Mon Jun 21, 2004 5:28 am
Posts: 700
Location: Germany
Continuing the discussion from http://mysettopbox.tv/phpBB2/viewtopic.php?t=103281

es4PM wrote:
Quote:
I skimmed the iFolder install instructions and it basically disables all the apache security described here for the iFolder directories.


Does that matter (or how much) if ifolder (and it's directories) is behind of protected https connection?

ssh only protects the transport so no one can see any passwords or other information you enter. Anyone can connect to an ssh connection. Strict passwords (or client certificates) are required to protect access.

iFolder disables the apache password protection and implements its own. That's a very bad sign.....

_________________
ASUS AT3N7A-I (Atom 330)
TBS 8922 PCI (DVB-S2)
Top
 Profile  
 
es4PM
 Post subject:
PostPosted: Mon Nov 12, 2007 10:31 am 
Offline
Joined: Fri Oct 27, 2006 4:28 am
Posts: 17
Is it possible to set ifolder not to disable the apache password and use both logins (apache + ifolder)?

Or should I just give up and use some ssh-based synchronising program? Any suggestions?

thanks es4PM
Top
 Profile  
 
alien
 Post subject:
PostPosted: Mon Nov 12, 2007 12:21 pm 
Offline
Joined: Mon Jun 21, 2004 5:28 am
Posts: 700
Location: Germany
Sorry, I don't know enough about iFolder to answer.

I can't even say if iFolder is secure or not when enabled properly. All I can say is that any web application that requires disabling security in the server needs to be closely investigated before installing.

I suspect that iFolder is an automated tool that doesn't work if passwords are prompted for and no one is there to type them in. If that is so, you might be able to set up certificates to allow apache to do the validation. You'll have to do a bit of research first....

The bottom line is, mythtv (and knoppmyth) is not designed for this. I would recommend a separate server for any tools where the security is not well understood.

_________________
ASUS AT3N7A-I (Atom 330)
TBS 8922 PCI (DVB-S2)
Top
 Profile  
 

Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 


Board index KnoppMyth General

All times are UTC - 6 hours




Who is online

Users browsing this forum: No registered users and 15 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group

Theme Created By ceyhansuyu