[ previous ] [ next ] [ threads ]
 
 From:  "Ryan Wagoner" <Ryan at wgnrs dot dynu dot com>
 To:  "Jimmy Bones \(Mhottie\)" <mhottie at gmail dot com>, "Lee Sharp" <leesharp at hal dash pc dot org>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Disable WebGUI and use Shell only?
 Date:  Fri, 10 Mar 2006 10:51:04 -0500
If you really want the option to SSH in and gain access to the console pfsense has what you are
looking for.

I really don't see the need to do this since the config is stored in config.xml. It would be more of
a pain to edit through the console than through the web gui. Honestly on my linux server I do
everything throug hte command line it doesn't even have an x server running, but with monowall I
like the gui. Its not a after thought like normal linux guis are and everything is tightly
integrated.


-----Original Message-----
From: Jimmy Bones (Mhottie) [mailto:mhottie at gmail dot com]
Sent: Thu 3/9/2006 11:23 PM
To: Lee Sharp
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Disable WebGUI and use Shell only?
 
It might be, but the client in question is a small business, and everyone
shares roles. There are some nosy people in the office that think they know
how to "fix" computers, and to alleviate larger problems and issues it would
be best to avoid them from seeing a webGUI.

I never really noticed this until now, but why can you not ssh into a
m0n0wall box for manual config and/or status monitoring w/o a gui?

Thanks for your replies.



On 3/9/06, Lee Sharp <leesharp at hal dash pc dot org> wrote:
>
> From: "Jimmy Bones (Mhottie)" <mhottie at gmail dot com>
>
> > Is there a way to disable the webgui and configure/access via shell/ssh
> > only?
>
> No.  First, m0n0wall has no shell.  Second, the web GUI is not a config
> tool, but the backbone of the system.
>
> > Or maybe run the webgui on an odd port, etc? Have the console menu dump
> > into
> > a shell login prompt instead of console menu, etc?
>
> Pick any port.  And run it with ssl if you want.
>
> > I ask because we are going to setup a m0n0 box in a small office that
> has
> > several nosy people in it that will want to start "playing with
> settings".
> > I
> > would like to do the inital config in the webgui, then disable it and
> > continue to configure via a shell, etc. and keep it that way.
>
> This is not a technical problem, and can not be solved with a technical
> solution.  However, the new Sarbanes Oxley regulations can be your friend
> here.  "I am not sure about this.  Isn't giving access to the firewall to
> people not on the security team a violation of Sarbanes-Oxley?  Should we
> ask legal, or the auditors?"
>
>                         Lee
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>