Dear buds,
I thought I would give you some info on my recent activities.
Though I have a good mind to make an open source project ( a virtual
machine ) out of my
secure file upload/download creation I would share the key aspects
with you here.
I am not sure when I will get time to create a project for this on sourceforge.
Basically to add UNIX user authentication to Apache pages is simple in
OpenBSD if you use the
mod_auth_bsd package.
Just have these directives in /var/www/conf/httpd.conf
AuthBSDGroup auth
<Directory "/var/www/htdocs">
SSLRequireSSL
AuthType Basic
AuthName "Please authenticate"
AuthBSD On
Require valid-user
Options Indexes FollowSymLinks
#AllowOverride None
#Order allow,deny
#Allow from all
</Directory>
Now since /var/www/htdocs is the DocumentRoot to access any web page
you can login with the UNIX username and password.
Really nice.
This enforces that the connection be SSL.
How to create certificates?
Simple.
Generating a DSA certificate involves several steps. First, you generate
a DSA parameter set with a command like the following:
# openssl dsaparam 1024 -out dsa1024.pem
Would generate DSA parameters for 1024 bit DSA keys, and save them to the
file dsa1024.pem.
Once you have the DSA parameters generated, you can generate a
certificate and unencrypted private key using the command:
# openssl req -x509 -nodes -newkey dsa:dsa1024.pem \
-out /etc/ssl/dsacert.pem -keyout /etc/ssl/private/dsakey.pem
Taken from man ssl on OpenBSD.
Now start your web server with httpd -u -DSSL.
Of course all this will only work on OpenBSD.
However if you wish to use what I did on Linux it is trivial to use it
as a VM with either qemu full mode(bridge mode) networking in Linux or
Windows.
Or you could use VirtualBox.
I never touch commercial software.
-Girish
--
Gayatri Hitech
http://gayatri-hitech.com
[email protected]
_______________________________________________
ILUGC Mailing List:
http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
