Security idea for paranoid people

Hello,

i still have kind of a bad feeling regarding the fact that you have one machine that can gain control over all your other machines (cloudmin server that is).

I thought about it and could imagine one way to make cloudmin root access a bit more secure, eventually im just paranoid tho :slight_smile:

Would it be possible to allow Access to cloudmin web ONLY if there is an IP matching connection to SSH established?
So that would mean if i like to admin my cloud - i need to make an ssh connection to that server, keybased for example and with another username but root - my IP is registered that way and i can than login to cloudmin as root user.

Or would that be just too much hassle to integrate. If you make this an choosable option i think it would please some admins and dont affect those that dont care about it :slight_smile:

Thanks

Webmin also supports key-based logins, just like ssh. So, if you’re feeling paranoid, you might consider going that route for the Cloudmin master administrator user. Go to the Webmin Configuration>Certificate Authority page to setup Webmin to generate certs for users, and then as the user you want to authenticate via SSL certificate, browse to Webmin Users and click Request an SSL Certificate.

This would then mean only your specific browser could login as that user.

You may also want to have a look around at the various security features of Webmin. Note that many of them are per-user, and so live in Webmin Users; so to see them all you’d look in both Webmin Configuration (in several sections) and in Webmin Users on the page of the user you want to restrict.

We do agree that the potential for abuse in the case of a compromised Cloudmin master system is simply overwhelmingly scary. But the alternative is not to have this kind of control, and no central management, at all.

I can’t see that tying Webmin to an SSH session is a particularly good security measure (given that Webmin also supports key-based authentication, and has a security record on part with that of OpenSSH in the past few years), but we are working on ways for Cloudmin to offer secure backups (that even Cloudmin itself can’t destroy), which I think will be core to providing really safe large scale cloud computing.