WebIF - can it be accessed from the WAN?

That's excellent news - you've cracked it!

(Thanks for all the thanks, by the way :cool:)

The next, and much simpler step is to go into webif and to click on the box that disables password authentication by selecting the box marked "Prevent logins with passwords?" and updating the settings. This is the most critical step because it stops a hacker from sidestepping all this good work and just guessing the password for root.

It looks like you can ignore this bit, but once you're happy that this works inside the network, the next thing for people to do is to configure the router to forward the SSH port from the outside to the humax. For people who haven't done this before, it will be a setting called something like 'Port Forwarding' or 'Application Sharing'. Pick a port at random (I recommend something between 33000 and 65000) and forward that to the Humax on port 22. If your router doesn't support changing the port number on the way through, you can change the port number on the webif to match the port that you chose for the router.

Once you have this configured and working, you need to be able to reach your router. This is fine if the IP address is fixed, but if your IP address changes every time you reconnect you need to sign up for a dynamic DNS address. Once that is set up then you can know that your router will always be accessible at <blah>.<something>.org. For example, you could use one of the No-IP free domains and register makem.no-ip.org or makem.redirectme.net or <anything that's not taken already>.redirectme.net. There is a list of free dynamic DNS providers at http://dnslookup.me/dynamic-dns/ but it would be a good idea to see what dynamic DNS services that your router supports before you bother registering with one.

As ever, let us know if there are any problems at each stage.
 
Sam Widges said:
... it would be a good idea to see what dynamic DNS services that your router supports before you bother registering with one.
Click to expand...

.. and if your router doesn't support dynamic DNS then there is a package for the Humax that does : ) - inadyn
 
Iseems that missunderstanding the what I thought was a DOS command to later prompt the user to enter the key, was the point where things went wrong. If it was not for that it would have all been straightforward when following the instructions. A pity and I appologise for the stupidity.

I already have and use a no-ip account so I will do the above later today.

With regards to the ability in webif to change the port, is there any advantage/disadvantage in changing it from 22 if your router can translate the port?
 
Don't worry, we sorted it in the end.

There is no major advantage to changing the port on the humax if your router can sort it for you. If an intruder has got in to your LAN, you have bigger problems to worry about than an ssh service that won't do password authentication.
 
I am getting connection refused when I try to access webif from http://127.0.0.1

I am checking everything. This is the first time since we used the keys and got login correct that I have tried this.

I am assuming that once logged in I should then be able to access webif via the above address.
 
Ok, I can access webif as I said when I use L80 127.0.0.1:80 in the tunnel settings. The port in webif settings is 22.
When I change the '80' to a high port number leaving the '22' in place. I get a connection error.

When I change the '80' to a high port number and change the port in webif to that high number and reboot the box, I get a connection error.
 
I am going to stop there and get on with some other work much as I enjoy trying to get this working.

Thanks again, will be back this evening but will not be surprised if you are out lol.
 
Last try before I go:
Just noticed that although I enter the high port in tunnel settings I had not entered it in the host settings.

I have done that, get warning about the certificate, accept that and then the page tries to connect to 127.0.0.1:xxxxx but never loads. The setting in webif settings is the high port number.
 
What is the server's rsa2 key fingerprint? I get a message:

ssh-rsa 1039............b0:15

Would this be correct?
 
Just to check I had eventually understood the last 6 pages of help I removed all the custom software then reinstalled it.

From that point it took 15 minutes to get the tunnelling and key login set up again. As Sam said, once done, in hindsight it is so easy.

Thanks all for the help.
 
Makem - glad you're happy with the config.

Sorry I haven't got back to you but a whole bunch of similar stuff came up for work (only now getting resolved) and I had to knuckle down and keep the bosses happy.
 
Sam - Nice to be busy :)

I tried connecting from Mc Donalds and although I was able to log in to the humax I could not browse and open webIF.

Are there some settings for Firefox which need to be made?

I made a new profile in FF but did not know where to go from there.
 
That sounds like the tunnel hadn't been set up - were you using your usual machine or was this the first time you had tried it on the PC you had with you? If you can log in to the Humax, nothing else in the network would have broken the connection. Could you access any other websites?
 
I was using my netbook (the one I travel with). It was the first time this had been used for this purpose.

After I connected to the Humax and logged in I tried connecting using http://127.0.0.1 and could not raise webIF but I forget what the error said :(. I think it was 'Could not connect'

I did not try to access any other websites. (We were cold and tired and it was snowing heavily so wanted to get home!)

Connecting to the Humax took the following form:

Log in as: root
Authenticating with public key "humax"
Passphrase for key "humax": xxxxxxxxxxxxxxxxxxxxxxxxx
Humax#

Putty settings:
Session
no-ip address : Port high number
Connection type: SSH
SSH
Auth:
Private key file location
Tunnels: L80 127.0.0.1:80
 
Hi Sam,

Ive just been to my daughters and was able to connect and view webIF from there :)

I think due to the rush last night I had done something wrong or not done something.

Anyhow, all is good. Thanks again for all your help and patience.
 
Today went to McDonalds to further test the secure remote facility.

Left the Humac switched on fefore leave home and connected using Putty. Connection went ok. Went to the EPG to test selecting a furure recording. Having selected one I was prompted that a re-boot was needed. I did the reboot and received the expected error from Putty - Unexpected disconnection (or words to that effect).

I attempted to reconnect via Putty but was unable to do so. When I returned home I found the the Humax was now in standby. Is it possible to rectify the situation to allow the box to return to the 'on' position? If not then remote recordings cannot be arranged more than one time. After that time no access can be gained to the box via ftp either.
 
You must log in or register to reply here.
Back
Top