Re: horse and webshell
Tom Smith wrote, On 24/03/10 12:07: I followed this link but only got this.. must be just my system right?? shell.clug.org.nz uses an invalid security certificate. The certificate is not trusted because it is self signed. The certificate is only valid for shell.clug.net.nz The certificate expired on 24/05/09 13:59. Yep - its a self-signed certificate. This is not a problem, but most of the web browsers will raise a warning. My problem is that I created it for shell.clug.net.nz and now we're only using clug.org.nz, and also that its expired. Point is moot given its going away soon. -- Craig Falconer
Re: horse and webshell
On Wed, 2010-03-24 at 12:07 +1300, Tom Smith wrote: > > I followed this link but only got this.. must be just my system right?? > > Secure Connection Failed > > shell.clug.org.nz uses an invalid security certificate. > > The certificate is not trusted because it is self signed. > The certificate is only valid for shell.clug.net.nz > The certificate expired on 24/05/09 13:59. > > (Error code: sec_error_expired_issuer_certificate) > > > * This could be a problem with the server's configuration, or it > could be someone trying to impersonate the server. > > * If you have connected to this server successfully in the past, the > error may be temporary, and you can try again later. > > > Or you can add an exception… > Well, it could do with renewing, but I'd create an exception. This is one of my annoyances with these certs, as they provide 2 functions at the same time, and firefox goes over the top on one of them! 1. The connection is encrypted. 2. The issuer is validated. In this case, it's only really function 1 that's necessary. To pass function 2 costs money and/or real grief in insalling certificate authorities, intermediate files, and loads of other bumpf. Steve -- Steve Holdoway http://www.greengecko.co.nz MSN: st...@greengecko.co.nz GPG Fingerprint = B337 828D 03E1 4F11 CB90 853C C8AB AF04 EF68 52E0 signature.asc Description: This is a digitally signed message part
Re: horse and webshell
Hi follks On Tue, 2010-03-23 at 08:25 +1300, C. Falconer wrote: > Hi all - with respect to horse, how many of the current users make use > of the webshell running on port 443? > If that makes no sense, https://shell.clug.org.nz/ > > Logs don't tell me who uses which mechanism for connecting. > > I want to run openvpn on port 443, and if noone uses webshell it can go > away. > > > Bother cablemodems with only one IP address. > > I followed this link but only got this.. must be just my system right?? Secure Connection Failed shell.clug.org.nz uses an invalid security certificate. The certificate is not trusted because it is self signed. The certificate is only valid for shell.clug.net.nz The certificate expired on 24/05/09 13:59. (Error code: sec_error_expired_issuer_certificate) * This could be a problem with the server's configuration, or it could be someone trying to impersonate the server. * If you have connected to this server successfully in the past, the error may be temporary, and you can try again later. Or you can add an exception…
Re: horse and webshell
> Hi all - with respect to horse, how many of the current users make use > of the webshell running on port 443? > If that makes no sense, https://shell.clug.org.nz/ > Not me. In fact I have not used horse for ages.
Re: horse and webshell
On 23 March 2010 12:11, Nick Rout wrote: > On Tue, Mar 23, 2010 at 11:13 AM, Ryan McCoskrie > wrote: >> On Tue, 23 Mar 2010 10:53:34 Craig Falconer wrote: >>> Ryan McCoskrie wrote, On 23/03/10 10:42: >>> > On Tue, 23 Mar 2010 08:25:50 C. Falconer wrote: >>> >> Hi all - with respect to horse, how many of the current users make use >>> >> of the webshell running on port 443? >>> > >>> > That webshell looks really cool! What do people use it for? >>> >>> Accessing horse from sites that only allow http/https access out. >> >> I mean what is this whole horse thing? > > horse is a computer which Craig gives nice people shell access to, > with login via ssh. Useful for, eg, testing your firewall from outside > your lan. > > It's address is shell.clug.org.nz > > If you ask Craig nicely he'll usually oblige you with an account. It's also very useful as an off site back up for the source code of that vital project you have written. e.g your thesis etc. You also get given a public_html area which is extremely useful as a staging-post for sharing pictures etc. with family and friends. -- Sincerely etc. Christopher Sawtell
Re: horse and webshell
On Tue, Mar 23, 2010 at 11:13 AM, Ryan McCoskrie wrote: > On Tue, 23 Mar 2010 10:53:34 Craig Falconer wrote: >> Ryan McCoskrie wrote, On 23/03/10 10:42: >> > On Tue, 23 Mar 2010 08:25:50 C. Falconer wrote: >> >> Hi all - with respect to horse, how many of the current users make use >> >> of the webshell running on port 443? >> > >> > That webshell looks really cool! What do people use it for? >> >> Accessing horse from sites that only allow http/https access out. > > I mean what is this whole horse thing? horse is a computer which Craig gives nice people shell access to, with login via ssh. Useful for, eg, testing your firewall from outside your lan. It's address is shell.clug.org.nz If you ask Craig nicely he'll usually oblige you with an account.
Re: horse and webshell
On Tue, 23 Mar 2010 10:53:34 Craig Falconer wrote: > Ryan McCoskrie wrote, On 23/03/10 10:42: > > On Tue, 23 Mar 2010 08:25:50 C. Falconer wrote: > >> Hi all - with respect to horse, how many of the current users make use > >> of the webshell running on port 443? > > > > That webshell looks really cool! What do people use it for? > > Accessing horse from sites that only allow http/https access out. I mean what is this whole horse thing? -- Quote of the login: Real Programmers don't eat quiche. They eat Twinkies and Szechwan food.
Re: horse and webshell
Ryan McCoskrie wrote, On 23/03/10 10:42: On Tue, 23 Mar 2010 08:25:50 C. Falconer wrote: Hi all - with respect to horse, how many of the current users make use of the webshell running on port 443? That webshell looks really cool! What do people use it for? Accessing horse from sites that only allow http/https access out. It was originally an ssh app for the iphone, hence the onscreen keyboard thing. Why? http requests can be transparently proxied/logged and the user has no idea or control of this. Meanwhile, https can be logged but it cannot be proxied, so while a firewall operator might see you going to https://yourbank.co.nz/accounts/balances they cannot read the page content. So, running an ssh app on that port allowed users to access horse via ssh without actually being able to connect out on port 22. If you're interested, look in /opt/WebShell on horse. Its run as screen -d -m /opt/WebShell/webshell.py Source is in /usr/src/WebShell* -- Craig Falconer
Re: horse and webshell
On Tue, 23 Mar 2010 08:25:50 C. Falconer wrote: > Hi all - with respect to horse, how many of the current users make use > of the webshell running on port 443? That webshell looks really cool! What do people use it for? -- Quote of the login: Real Programmers don't eat quiche. They eat Twinkies and Szechwan food.
Re: horse and webshell
On 23 March 2010 08:25, C. Falconer wrote: > Hi all - with respect to horse, how many of the current users make use of > the webshell running on port 443? I occasionally connect via SSH; might have used webshell had I realised it was there, but won't miss it should it disappear. Thanks for providing this service.
Re: horse and webshell
On Tuesday 23 March 2010, you wrote: > Hi all - with respect to horse, how many of the current users make use > of the webshell running on port 443? > If that makes no sense, https://shell.clug.org.nz/ > > Logs don't tell me who uses which mechanism for connecting. > > I want to run openvpn on port 443, and if noone uses webshell it can go > away. I didn't even know it existed. I use an ssh client to connect to Horse. What I don't use I won't miss. Cheers Ross Drummond
Re: horse and webshell
On Tue, Mar 23, 2010 at 8:25 AM, C. Falconer wrote: > Hi all - with respect to horse, how many of the current users make use of > the webshell running on port 443? > If that makes no sense, https://shell.clug.org.nz/ > > Logs don't tell me who uses which mechanism for connecting. > > I want to run openvpn on port 443, and if noone uses webshell it can go > away. > > > Bother cablemodems with only one IP address. I used to use it, but no longer do. Thanks for the service, but I am happy for you to turn it off.
Re: horse and webshell
Steve Holdoway wrote, On 23/03/10 08:42: ... it's usual to run openvpn over udp, so shouldn't clash??? You can run openvpn with either TCP or UDP transport. My wife wants to use a wireless service that only allows port 80/tcp (transparently proxied) and port 443/tcp. Either that or she gets a vodem/aircard/t3g card. -- Craig Falconer
Re: horse and webshell
On Tue, 2010-03-23 at 08:25 +1300, C. Falconer wrote: > Hi all - with respect to horse, how many of the current users make use > of the webshell running on port 443? > If that makes no sense, https://shell.clug.org.nz/ > > Logs don't tell me who uses which mechanism for connecting. > > I want to run openvpn on port 443, and if noone uses webshell it can go > away. > > > Bother cablemodems with only one IP address. ... it's usual to run openvpn over udp, so shouldn't clash??? Mind you I have used it over 22/tcp to take advantage of QoS stuff to improve latency. Steve
