[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [hobbit] Securing Hobbit from visitors
- To: hobbit (at) hswn.dk
- Subject: Re: [hobbit] Securing Hobbit from visitors
- From: Ben <azlobo73 (at) gmail.com>
- Date: Tue, 11 Mar 2008 22:44:28 -0700
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=YOmDpSKgCclZf+5nJ+XAcc8pHeuowD2qZp0n0lBzZdk=; b=GQuUgeJnw2V+ljlfu6qte8vtgOiRtACXYzM3P8nPOzNVKiNFzG/GM/QH7XhyohPjZE6O+fqdRPQ38i6bWGDjzfTFdTCiXNvIx5i4rn9i/KPVaFbRNHcJ7CyOjuF8jmuZja7EWVxSIfiavNz4UFib9kXU+B2b0+UvdZxL7HePOEs=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=O7MB6ZcKIPDGqXXlR7LoL7BfOnw0HcKDUg6vXCGNrXlGRrf1EuJxf+3LzD/RJce9GLUqUn3c+ouDSPaADYu1AZNFNwL29kADFKYDR8vB1Z8azZEdLsbbZ44B3Dj+1jEDbouPeCHu0QNXZW0nwBX7Y/AAj3961UDvk7RNLrxOoJM=
- References: <961092e10803112158l78a51010xf274a6f0c5ea8ad6 (at) mail.gmail.com> <f78ef9160803112239m2383007bhb1f23a8a6415294b (at) mail.gmail.com>
PS: We're running LAMP stack Apache 2.0 should it make a difference.
On Tue, Mar 11, 2008 at 10:39 PM, Ben <azlobo73 (at) gmail.com> wrote:
> We don't have ours open (in fact very we keep access as limited in
> scope as is necessary; in our environment we can so we do - thank
> goodness for socks5 and ssh), but a little time testing yields answers
> for the auth question.
>
> Set the same realm (AuthName directive) and password auth file(s)
> (AuthUserFile and optionally AuthGroupFile if using groups -
> recommended for multiple users so you can give everyone their own
> accounts, manage them simply via group management, and safely revoke
> access when needed) in all three locations. That will do the trick
> (Tested via Firefox, Opera, and Epiphany). Even setting the same
> password file(s) should be sufficient most of the time. I even can
> create the same user/pass credentials in separate password files and
> login only once to access all three locations.
>
> Ben
>
>
>
> On Tue, Mar 11, 2008 at 9:58 PM, Josh Luthman
> <josh (at) imaginenetworksllc.com> wrote:
> > I am curious to see how the crew here on the mailing list secures their
> > Hobbit from the outside world. I need to have the WWW pages visible from
> > every IP but only from certain people, therefor I need to use users and
> > passwords. Our Hobbitmon is viewed via cell phones and computers (IE and
> > Firefox) and protected by an HTTP(S) login currently. The problem is that
> > with three different Directory statements in httpd.conf, you need to login
> > three times every time you restart Firefox.
> >
> > Also, how many businesses have Hobbitmon wide open for the viewing, such as
> > Henrik's demo, if any?
> >
> > --
> > Josh Luthman
> > Office: 937-552-2340
> > Direct: 937-552-2343
> > 1100 Wayne St
> > Suite 1337
> > Troy, OH 45373
> >
> > Those who don't understand UNIX are condemned to reinvent it, poorly.
> > --- Henry Spencer
>