Submitted by datenimperator on Thu, 07/07/2011 - 03:48
Hi, not every webmin interface is exposed to the public internet. If cloudmin had a way to use SSH port forwarding (see my request 18775), it could add
LocalForward 10000 127.0.0.1:10000 and happily connect to webmin on hosts where it's just bound to localhost.
That'd be great.
Submitted by JamieCameron on Thu, 07/07/2011 - 13:16 Comment #1
That would be tricky to implement, as the SSH connection would have to be held open for the duration of all Cloudmin connections to Webmin .. so I don't think we would ever add this.
Why not just open port 10000 for connections from the Cloudmin master?
Submitted by datenimperator on Fri, 07/08/2011 - 03:03 Comment #2
On some systems, simply opening the TCP for a given remote address port is a feasible solution. However, on others I can't do that because the firewall isn't operated by me. It's just ssh, http and https there.
Sidenote: How often does cloudmin connect to the remote webmin system? If it's just every 5-15 minutes, why couldn't it open a ssh connection first, do it's thing and close the ssh connection afterwards?
Submitted by JamieCameron on Fri, 07/08/2011 - 11:12 Comment #3
It opens a connection for every status update, which happens every 5 minutes by default. Also there are multiple connections involved - not just to port 10000. Also many other operations in cloudmin open port 10000 connections as well... So tunneling all those through ssh really isn't practical.
You can change the webmin port from 10000 to something else though.