mparin Wrote: > My SlimServer is running on an XP Pro machine and my router does not > have the capability to forward ports based on IP Addresses. ITs an all > or nothing deal. So, what would you recommend I do to add some security? > > I have done the following: > 1. I have a user configured on the PC running SlimServer and OpenSSh. > This is the user that is configured in Softsqueeze SSH settings. > This is good. Are you using the cygwin version of OpenSSH? If not, which package? If its cygwin, there's an option /etc/ssh/sshd_config called AllowUsers which will permit only the listed login names from working.
mparin Wrote: > > 2. I have rsa passphrases configured between the softsqueeze client and > the SlimServer > 3. I have userids setup for us in SlimServer > Good. mparin Wrote: > > 4. I have IP Address ranges specified in the AllowedIP address setting > in the SLimServer > This doesn't matter too much, since if someone compromises your SSH connection, they're not going to be doing it to play music. But its good to have anyway. mparin Wrote: > > Anything else I could do? > Again, if you're using the cygwin port of OpenSSH, it is built with tcpwrappers, which means you can add entries in /etc/hosts.allow to allow only certain IPs to access the SSH server - all others will be rejected. While anyone can probe the SSH server, connections will only be allowed via the specified IPs. mparin Wrote: > > Also, if I have a friend who would like to access my mp3 collection > over the internet, can i use itunes instead of the softsqueeze client? > This is assuming that i can get him the rsa.txt file for the security > settings. > Sure, but he'll also need to SSH connect with port 9000 tunneled and use: http://localhost:9000/stream.mp3 as the URL in iTunes. I would create separate users for you, your wife, and your friend, so that you can log who's on, and who's doing what. Using the same userid makes for difficult intrusion investigation should someone let the cat out of the bag. -- MrC ------------------------------------------------------------------------ MrC's Profile: http://forums.slimdevices.com/member.php?userid=468 View this thread: http://forums.slimdevices.com/showthread.php?t=20592 _______________________________________________ Discuss mailing list [email protected] http://lists.slimdevices.com/lists/listinfo/discuss
