I can change it to just dump the user & password to the console. Also if a user uses crypt- for a password it WILL still work, since it checks all passwrods against plain text first.
Duncan Webb wrote: > Ryan Roth wrote: > >> OK I have stunnel working. I would like to write a howto for the wiki, >> but I would like to include the encrypted passwords in the how to also. >> > > Great wiki page. > > I think it would be better to use a tuple for encrypted user names and > passwords, then the password checker can detect that it is a tuple and > use the first word as the type of key. Some _smart_ user will use a > password 'crypt-' and then no login. Better to use a tuple. > > Something in the back of my mind tells me that encrypted passwords are a > bit of a waste of time on a freevo box, unless it is shared by different > people. One of the big problems is that there is no access control, such > as read (play) only and read-write. > > BTW crypt is not very secure, that's why shadow uses md5 passwords; md5 > is easy to get from the command line: echo 'password' | md5sum > > In the patch, you were messing around with local_conf.py, which is not a > good idea. Better to just output the line, which can be pasted into the > local_conf.py > > Duncan > > >> Duncan Webb wrote: >> >>> Ryan Roth wrote: >>> >>> >>>> The reason I wanted this is start making the web interface more secure. >>>> I wanted to take with people and see what they though about changing the >>>> web server to a secure server. This would be nice for those of us who >>>> forward web traffic from our public IP to our Freevo box. >>>> >>>> >>> That's what I thought the intention was. However making the password >>> more secure does not mean that the freevo box is secure. There are >>> several things that you need to do to make the box more secure when >>> accessed externally. >>> >>> First install stunnel, this means that you can access the freevo box >>> using the https:// protocol, this means that the data, including >>> passwords is not transmitted over the net in a readable form. See: >>> http://www.linuxfromscratch.org/blfs/view/svn/postlfs/stunnel.html >>> >>> Configure a service for freevo webserver: >>> [https] >>> accept = 443 >>> connect = 8080 >>> TIMEOUTclose = 0 >>> >>> You will need a group and a user for freevo webserver access. Lets say: >>> groupadd -g 80 freevo >>> useradd -c "Freevo Webserver" -d /home/freevo \ >>> -g freevo -s /bin/false -u 80 freevo >>> >>> Change the freevo webserver port and user and group ids in local_conf.py >>> WEBSERVER_UID = 80 >>> WEBSERVER_GID = 80 >>> WEBSERVER_PORT = 8080 >>> >>> Then you have to change the group and the permissions of the freevo >>> media directories. Something like: >>> find /freevo -type d -exec chgrp freevo {} \; >>> find /freevo -type d -exec chmod g+ws {} \; >>> >>> You will also need to change the ownership and permissions on other >>> files, eg webserver-80.log, so that the freevo user can write to these >>> files. There may be more that you need to change. >>> >>> Lastly you need to open port 443 on your firewall that then points to >>> the freevo box. >>> >>> Hope this helps and when you have got it working may be adding a wiki >>> page would be good. >>> >>> Duncan >>> >>> >>> ------------------------------------------------------------------------- >>> Take Surveys. Earn Cash. Influence the Future of IT >>> Join SourceForge.net's Techsay panel and you'll get the chance to share your >>> opinions on IT & business topics through brief surveys - and earn cash >>> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV >>> _______________________________________________ >>> Freevo-users mailing list >>> Freevo-users@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/freevo-users >>> >>> >>> >> ------------------------------------------------------------------------- >> Take Surveys. Earn Cash. Influence the Future of IT >> Join SourceForge.net's Techsay panel and you'll get the chance to share your >> opinions on IT & business topics through brief surveys - and earn cash >> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV >> _______________________________________________ >> Freevo-users mailing list >> Freevo-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/freevo-users >> >> > > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys - and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Freevo-users mailing list > Freevo-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/freevo-users > > ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Freevo-users mailing list Freevo-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freevo-users
