SUMMARY: SWAT & SSL
Mike Heath
maheath at qip.qwest.net
Wed Nov 10 22:42:58 GMT 1999
Sorry it took so long to get this back to the list, but the summary always
seams to be last on the list of things to do...
The solution that I finally used was turning off swat in inetd, and running
a stunnel daemon listening to port 901 with a self signed OpenSSL
certificate. This will encrypt the swat session so that you don't have to
worry about having you root password snooped.
Run command "/usr/local/sbin/stunnel -d 901 -l /usr/local/samba/bin/swat --
swat" at boot, and then simply connect to https://hostname:901. You will
most likely need to install the certificate into you web browser.
-Mike Heath
-----Original Message-----
From: samba-technical at samba.org [mailto:samba-technical at samba.org]On Behalf
Of Mike Heath
Sent: Wednesday, October 27, 1999 1:49 PM
To: Multiple recipients of list SAMBA-TECHNICAL
Subject: SWAT & SSL
Does anyone know of a good way to wrap up SWAT so that when a user uses the
change password page, their passwords are not sent in clear text? Maybe
using ssl or stunnel?
Regards,
Mike Heath
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sprint Paranet -- Denver, CO.
On Loan to: QWest Communications
E-mail: maheath at qip.qwest.net
Alpha Page: maheath at pager.paranet.com
Pager: (800) 724-3329 Pin# 382-2371
Voice Mail: (888) 706-1903 Box# 333-3103
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the samba-technical
mailing list