On 30/07/14 13:34, Sam Caise wrote: > Hi everyone, > > My company have recently been looking at using Spacewalk for > package/configuration management for our client systems. > > Our clients are very uptight about security, and as this is the case > inbound/outbound ports are severely restricted. We currently use > outbound SSH tunnels to our Gateway to connect to their systems and > provide support. > > We would like to fully implement Spacewalk, however to do this we need > to change the ports of the Spacewalk host server (mainly so we don't > route 80/443 through our SSH tunnels). > I am not sure if it is possible to change the ports, may be someone else can comment.
If you have restrictions on the managed client accessing the server, SUSE Manager (commercial, Spacewalk based) allows to set individual clients to be set as "SSH push" where it will be the server who will connect to the client every X interval, setup a tunnel so that the client can get the actions and packages, and then disconnect. Then you only need the server to be able to reach the client on port 22 and not vice versa. Unfortunately this feature was not accepted upstream: http://www.redhat.com/archives/spacewalk-devel/2013-March/msg00015.html Cheers, -- Duncan Mac-Vicar P. - http://www.suse.com/ SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) Maxfeldstraße 5, 90409 Nürnberg, Germany
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
