Hi Brandon, > I removed WebMin for this reason. However, it seems like it'd be an > excellent backup should SSH ever fail or be unavailable for whatever > reason.
I've had that only once so far. In that case I simply reinstalled the SSH-PKG through the Cobalt GUI and had it up and accessible again. However, I would have used the Admin GUI to temporary re-enabled Telnet for that purpose had I not had a static ipchains rule in place which prevented Telnet from working. > How could you go about (safely) creating a HTML page, accessable > via SSL, that once you supplied the proper credentials, could fire up the > WebMin application? Effectively, allowing one to trigger the process at > will? Your thoughts? That's a possibility, but just one of 'em. If I'd implement it that way (if!), then I'd use a small PERL or PHP script with the "exec" command which would execute "/etc/webmin/start". However, the webmin start stcript can only be run by the user "root" and not unprivileged users like "httpd" (as which apache runs) or site users (under whose name scripts usually run). So this certainly will not work without the "sudo" command which I'd never ever use in combination with a PERL or PHP script - for security reasons. It would be too easy for a remote (and easier for a local) user to find ways to exploit this setup. So while the above way is doable, it's an approach I do not recommend. What else could be done? I'm sure other people on this list have some nice suggestions as well, but from the top of my head I could imagine the following approaches: Put an ipchains rule in place which will allow only TCP connections to your Webmin port. Obscure the port by not using 10000 but use another port instead. Configure Webmin to react only to queries from a specific IP-address or IP-address ranges as well. This combination of efforts lowers the threat somewhat, but not totally. Another option, derived from the earlier discussion: Use the above methods, but as addition launch a small shell script from /etc/rc.d/rc.local which issues a shutdown of Webmin a few minutes after the server rebooted. That way you have Webmin accessible for a few minutes after each server reboot. With some additional scripting logic you could issue the shutdown of Webmin at once if "netstat -anp|grep LISTEN" reports that port 22 is there and SSH is running. Or prevent Webmin from running if SSH is working. Whatever fits your purposes best. The perhaps smartest way (and the one which requires the most efforts) is this: Make Webmin totally inaccessible to the outside world with IPChains and let it run only locally on the IP 127.0.0.1, port 10000. Then use stunnel (see: www.stunnel.org) to establish a secure (forwarding) connection from a local Linux machine in your office to 127.0.0.1:10000 on your server. This requires some tinkering, but sounds like a nice and rather secure alternative. -- With best regards, Michael Stauber [EMAIL PROTECTED] Unix/Linux Support Engineer _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
