Mike Heath maheath at
Wed Nov 10 22:42:58 GMT 1999

Sorry it took so long to get this back to the list, but the summary always
seams to be last on the list of things to do...

The solution that I finally used was turning off swat in inetd, and running
a stunnel daemon listening to port 901 with a self signed OpenSSL
certificate. This will encrypt the swat session so that you don't have to
worry about having you root password snooped.

Run command "/usr/local/sbin/stunnel -d 901 -l /usr/local/samba/bin/swat --
swat" at boot, and then simply connect to https://hostname:901. You will
most likely need to install the certificate into you web browser.

-Mike Heath

-----Original Message-----
From: samba-technical at [mailto:samba-technical at]On Behalf
Of Mike Heath
Sent: Wednesday, October 27, 1999 1:49 PM
To: Multiple recipients of list SAMBA-TECHNICAL
Subject: SWAT & SSL

Does anyone know of a good way to wrap up SWAT so that when a user uses the
change password page, their passwords are not sent in clear text? Maybe
using ssl or stunnel?

   Mike Heath

Sprint Paranet -- Denver, CO.
On Loan to:          QWest Communications
E-mail:             maheath at
Alpha Page:     maheath at
Pager:       (800) 724-3329 Pin# 382-2371
Voice Mail:  (888) 706-1903 Box# 333-3103

More information about the samba-technical mailing list