It was thus said that the Great William A. Rowe Jr. once stated: > On 1/28/2011 7:51 AM, Rich Bowen wrote: > > > > On Jan 28, 2011, at 8:44 AM, Skye Sweeney wrote: > > > >> Question: Is it possible to configure Apache and/or other components to > >> allow a client to have a simple "bash shell" into the computer running > >> Apache? I do not need X11 or any other graphic interfaces, just a good > >> old shell and even that could be limited. Now before people freak out > >> about security, it should be known that my firewall only allows > >> connections from very specific MAC addresses. As long as I do not > >> publish those, I consider my home Linux server very safe. > >> > > Yes, it's possible, but it's the wrong solution. The right solution is > > ssh. I hear you saying that your company forbids ssh, but I think that > > once you understand the risks of doing what you're talking about here, > > you'll be able to communicate to your firewall admin that ssh is *BY > > FAR* more secure than any other remote shell options available. This is > > why so many commercial firewalls come with ports 80, 443, and 22 open by > > default. > > Set up your ssh responder on 443, it will look to the powers-that-be > and to your network proxy server as a tunneled https:// connection. > > Not sure how to have ssh client follow-the-tunnel offhand, but it can't > be impossible % ssh -p 443 ... I've set this up after I found myself stuck behind a particularly nasty network that only allowed outgoing TCP traffic on ports 80 and 443. -spc --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|