Results 1 to 2 of 2
-
09-30-2004, 12:08 PM #1Junior Guru Wannabe
- Join Date
- Aug 2004
- Posts
- 51
Setup specifics for secure access (ssh tunneling) on hosted domain?
So I have a hosted domain for which I want to setup secure access.
I currently have running web and ftp services (like phpBB forums, CMS portals, rev-control system (Subversion), Moodle learning-management-systems--all served via Apache). I want to restrict access to any of these web/ftp services such that only someone with an appropriate access level can see them.
I do not think SSL alone will meet my requirements for my business applications (or at least some of them). I think another level of "security" is what I'm shooting for, possibly an SSH tunnel or VPN or some other similar technology. (For what it's worth, since I'm on a Virtual Private Share, I do not think a software VPN like http://OpenVPN.sourceforge.net will be feasible because I can not do necessary kernel mods on my VPS.)
I think I can setup a ssh tunnel ok to do this (although I have yet to actually demonstrate a working system). What I'm struggling with in my head is how will I keep a running web server (and ftp server, for that matter) but restrict usage only to secure (probably via ssh tunneling?) paths/users via my hosted server/VPS (or dedicated server if I end up having to go this route)?
Does the ssh server/tunneling/something handle all of this? Will I need to make special Apache httpd.conf configurations? Something else?
Thanks for any help and/or pointers.
-Matt
-
09-30-2004, 01:11 PM #2Junior Guru Wannabe
- Join Date
- Aug 2004
- Posts
- 51
After digging just a little deeper, it looks as if I may need to close all the IP ports except for the ssh port (port 22?) on my hosted server as a start.
If this is the case, I've got to setup the "mapping" of the "internal" ports on my hosted server to flow over my ssh connection. I don't yet know how to do this, but I hope to learn either via pointers here or self education.
Furthermore: can I run multiple ssh connections over different domains/servers (as in server1.example.com, server2.example.com) for different set of users?
Thanks again for any help!
-Matt