On Jan 28, 2011, at 8:44 AM, Skye Sweeney wrote: > I have now been monitoring this distribution list for a month and now feel > like I can ask my question... > > Recently my company has but a filter in their firewall to prevent any access > to any outside computer over SSH or FTP. This has broken my ability to access > my home computer to do such things as powering it off during thunderstorms. > Only a very few ports are open on the firewall. These include port 80. > > Question: Is it possible to configure Apache and/or other components to allow > a client to have a simple "bash shell" into the computer running Apache? I do > not need X11 or any other graphic interfaces, just a good old shell and even > that could be limited. Now before people freak out about security, it should > be known that my firewall only allows connections from very specific MAC > addresses. As long as I do not publish those, I consider my home Linux server > very safe. > > I have tried to Goggle the answer, but I have not found the right key words > to home in on a solution. I would be happy with just a few product or keyword > names to help my search or an indication that I am barking up the wrong tree!
Yes, it's possible, but it's the wrong solution. The right solution is ssh. I hear you saying that your company forbids ssh, but I think that once you understand the risks of doing what you're talking about here, you'll be able to communicate to your firewall admin that ssh is *BY FAR* more secure than any other remote shell options available. This is why so many commercial firewalls come with ports 80, 443, and 22 open by default. I would strenuously encourage you to have a long talk with your network guy about security, and if he/she doesn't understand the issues, have a talk with his/her boss about his/her lack of credentials. This isn't a difficult issue - it's pretty fundamental to network security. -- Rich Bowen rbo...@rcbowen.com --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
