Eric wrote: > I have a secure Linux host on which all access is restricted to SSH > for those with valid PuTTY key files protected with passphrase... no > login allowed. > > I would like to put up a secure website on that machine that is > accessed the same way... only those with valid PuTTY key files AND > who know the passphrase can access. > > Where can I go (newsgroups, mailing lists, websites) to learn how to > do that? > > I know that https uses SSL (secure socket layer) for secure website > access but I'm pretty sure that doesn't work with PuTTY key files > (right?). > > Anyway, right now SSH is the ONLY protocol available for external > access on that machine (everything else tunnels in ssh, e.g. > Subversion svn+ssh and Filezilla sftp+ssh2) and I'd like to keep it > that way if I can. > > Is there such a thing as an "http+ssh" protocol? > > Also, almost all of the clients that will be accessing this thing > are on Windows boxen (yeah, I know... nothing I can do about that) > using MSIE or Firefox. The web browser would have to be able to > access key files administered by Pageant (the background-resident > PuTTY Authentication Agent). I think one way you can achieve this is to tunnel http over ssh. You can let your ssh users create such a tunnel and then they can browse the web server on the remote box. I don't use putty much at all (since I don't use windows much at all), but there is a section in the putty config for creating tunnels. IIRC, there's also a plink command that can create such tunnels also. -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Politics is the business of tinkering with other people's lives. -- Nolan Neathercutt
Attachment:
pgpbg0Ajdv4xB.pgp
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list