* phil wrote on Mon, Dec 03, 2001 at 10:23 -0800:
I have been trying to figure out how to get sshd to start and stop via a browser. If I call rcsshd stop or rcsshd start from a cgi script it won't find the keys.
Maybe the environment is wrong? Do you mean the host keys or what?
In general I have the cgi script call sshd like so:
if variable = variable then system rcsshd start else system rcsshd stop
I miss the sudo call. It's very hard to run apache as root, you would have to recompile with -DBIG_SECURITY_HOLE (BTW, very cool define name :)), so are you really sure that ssh gets even started?!
2. the html page for controling sshd can be obscured. eg. http://somewhere/lkjsfkjsfljsdfh/123987kjghkjhdfgkh/lkjsdflkjsldfkjlskdjf.cg...
I would suggest https: at least...
3. an .htaccess can be used to protect the page which the cracker would need to know the name and password for.
please note, taht your password would be transmitted in clear, which could end in a DoS (shutting down SSH), theoretically.
5. sshd seems to be starting the same trend as "wu_ftp" and such.
Hum, I don't think so, think most was caused by some myst around here...
Need to somehow write a fresh inet.d and HUP it somehow... ?
Well, maybe you can make a inetd.conf.on and inetd.conf.off and copy on of them to inetd.conf. But wasn't webmin able to start/stop services? Who knows... oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.