[Samba] Re: SWAT
Carlos Rodrigues
carlos.efr at mail.telepac.pt
Sun May 15 01:11:48 GMT 2005
Scott Hamm wrote:
> How secure is SWAT in production level? If it's insecure, can anybody
> explain why that it is not? I'm running Slackware 10, kernel 2.4.26
> and samba 3.0.4.
Well, that depends on how insecure do you find a service that requires
you to send your root password through the network in the clear...
However, there are ways around this. You can wrap the connections to
swat using "stunnel", or you can just restrict swat access to localhost
and then use it over an ssh tunnel (this is as easy as "ssh
-L2222:localhost:901 user at sambaserver", so I kind of like it).
Carlos Rodrigues
More information about the samba
mailing list