rockytan / ovz-web-panel

Automatically exported from code.google.com/p/ovz-web-panel

Add and administer remote physical OpenVZ machines through SSH Tunnel #261

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
Really helpful and not really complex to implement, I think, would be an option 
for the physical servers when one is using an SSH tunnel (local SSH forward) and 
an input field for the port. So, with the option (Use SSH Tunnel) set to on, you 
know that you have to use "127.0.0.1:port" and not the remote IP to connect to 
the webservice. Creating the tunnel and checking if the tunnel is active is not 
up to the webpanel. With this feature you can use and configure it very 
flexibly and securely, because authorization and authentication are not up to you 
to implement again.

I tried the following on my local machine. This would be the command on the web 
panel's server:

sudo ssh user@physical-ovz.com -L 70001:127.0.0.1:7767 -N

To add a tunnel to another physical server:

sudo ssh user@another-physical-ovz.com -L 70002:127.0.0.1:7767 -N

and so on. So the port number gets incremented. In my opinion the best way 
would be to split the dialog for adding a new physical machine into 2 pieces or 
steps:

First step, you define the IP and the user for connecting, optionally a password 
(because when using keys you do not have a password) and the port.

In the second step, if the first step was successful, one can optionally modify 
the configuration, like the service port address used to bind the hw-daemon and 
the security key, and an unchecked checkbox for using an alternative IP and port 
to connect to. With the checkbox checked, two input fields can be filled with an 
alternative IP and port (in case of an SSH tunnel this would be 127.0.0.1 and a 
port, e.g. 70001).

With these small modifications you are covering most of the use cases and 
encourage secure usage to administer remote physical machines.

Please let me know if you need more input or if I can help you in any way. Just 
add me to your GTalk Jabber list.

Copied from http://code.google.com/p/ovz-web-panel/wiki/Support

Original issue reported on code.google.com by fritz...@gmail.com on 4 Mar 2011 at 1:29
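
The per-server tunnel scheme requested above, sketched as an added example that is not part of the original issue or of the ovz-web-panel code: it assigns one local port per physical server and prints the ssh command plus the matching "alternative ip and port" value for the panel. The base port 17001 (chosen to stay inside the 1-65535 TCP port range) and the function names are assumptions; 7767 is the hw-daemon port from the commands in the issue.

```shell
#!/bin/sh
# Added example: plan one loopback-only SSH local forward per physical server.
# Assumptions (not from the issue): BASE_PORT and all function names.

BASE_PORT=17001     # assumed first local port; must stay within 1-65535
DAEMON_PORT=7767    # remote hw-daemon port, as in the issue's commands

# local_port INDEX -> prints the local port for the INDEX-th server (0-based);
# returns 1 if INDEX is not a number or the port leaves the TCP port range.
local_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    port=$((BASE_PORT + $1))
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    printf '%s\n' "$port"
}

# tunnel_cmd USER@HOST INDEX -> prints the ssh command for that server.
tunnel_cmd() {
    lport=$(local_port "$2") || { echo "no valid port for index $2" >&2; return 1; }
    # Reject empty targets and targets ssh could parse as options or split.
    case "$1" in ''|-*|*' '*) echo "bad target: $1" >&2; return 1 ;; esac
    # Binding to 127.0.0.1 keeps the forward off external interfaces.
    # ExitOnForwardFailure makes ssh exit if the local port cannot be bound.
    # No sudo: binding a local port above 1023 does not need root.
    printf 'ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:127.0.0.1:%s %s\n' \
        "$lport" "$DAEMON_PORT" "$1"
}

# panel_endpoint INDEX -> the "alternative ip and port" to enter in the panel.
panel_endpoint() {
    lport=$(local_port "$1") || return 1
    printf '127.0.0.1:%s\n' "$lport"
}

# Constructed sample run using the two host names from the issue.
i=0
for target in user@physical-ovz.com user@another-physical-ovz.com; do
    tunnel_cmd "$target" "$i"
    panel_endpoint "$i"
    i=$((i + 1))
done
```

The script only prints the commands; starting the tunnels and checking that they are alive stays outside the panel, as the issue proposes.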

GoogleCodeExporter commented 8 years ago

Original comment by sibprogrammer on 8 Mar 2011 at 5:40

GoogleCodeExporter commented 8 years ago

Original comment by sibprogrammer on 30 Apr 2012 at 5:25