| Secure remote administration [message #653910] |
Fri, 11 February 2011 15:35  |
 nfowler
Messages: 5
Registered: February 2011 |
Junior Member |
|
|
|
It appears that the Virgo admin console can only provide basic authentication, and access to the Equinox shell is via telnet. Is there any mechnism for secure remote administration of Virgo or the underlying OSGi container? How is one expected to use Virgo in a secure production environment?
|
|
|
| Re: Secure remote administration [message #653969 is a reply to message #653910] |
Sat, 12 February 2011 01:40  |
Hristo Iliev
Messages: 152
Registered: May 2010
Location: Sofia, Bulgaria |
Senior Member |
|
|
You can use HTTPS connection (default port 8443) for the admin console.
As for the OSGi console in 2.1.0 you should restrict the access to the telnet port to localhost (osgi.console property in userregion). You can do that via iptables for instance.
Once you restricted the access to localhost you can use OS ssh to the server and then connect via telnet to Virgo.
The upcoming 3.0 version of Virgo will provide the ability to limit the console to localhost via osgi.console property (osgi.console=localhost:2401), instead of OS means such as iptables.
If you want you can raise enhancement requests for both admin console authentication and ssh access.
[Updated on: Sat, 12 February 2011 01:43] Report message to a moderator |
|
|
Powered by
FUDForum. Page generated in 0.01438 seconds
] 
Search
Help
Register
Login
Home
