Enhancement #2956

Base: refactor Remote Access page

Added by Giacomo Sanchietti about 5 years ago. Updated almost 5 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-openssh
Target version:v6.6-beta1
Resolution: NEEDINFO:No

Description

The Remote Access page should be removed and consolidated inside the networks service page.
Steps:

  • move SSH tab configuration to a separate module
  • delete Server Manager tab
    • if access contains the 0.0.0.0 network, map it to access public
    • if access contains one or more networks, map it to access private and with AllowedHosts
  • take care to remove useless Allow directives from httpd-admin configuration

Related issues

Duplicated by NethServer 6 - Enhancement #2907: Remove Remote Access > Server Manager tab CLOSED

Associated revisions

Revision 35e06384
Added by Davide Principi about 5 years ago

Removed RemoteAccess page. Refs #2956

- the Ssh module was moved to nethserver-openssh.
- httpd-admin access is controlled by NetworkServices page.

Revision cb5f3f94
Added by Davide Principi about 5 years ago

New Ssh page. Refs #2956

Removed RemoteAccess page from nethserver-base.

Revision 63903e78
Added by Davide Principi about 5 years ago

remote-access-update event no longer exists. Refs #2956

Enforce access control from the system firewall on port 980.

Revision 7dee6750
Added by Davide Principi about 5 years ago

httpd-admin: migrate ValidFrom prop to AllowAccess. Refs #2956

  • access prop is always left untouched
  • AllowAccess prop, if alredy exists, is left untouched
  • Migration of ValidFrom to AllowAccess occurs only if access=private:
    the default 0.0.0.0/0.0.0.0 entry is ignored and netmask format is
    converted to CIDR

Revision e5ea7c9a
Added by Davide Principi about 5 years ago

Removed RemoteAccess page. Refs #2956

- the Ssh module was moved to nethserver-openssh.
- httpd-admin access is controlled by NetworkServices page.

Revision 30d8696b
Added by Davide Principi about 5 years ago

Removed "Remote access" section. Refs #2956

History

#1 Updated by Giacomo Sanchietti about 5 years ago

  • Target version set to v6.6-beta1

#2 Updated by Davide Principi about 5 years ago

  • Status changed from NEW to TRIAGED
  • % Done changed from 0 to 20

#3 Updated by Davide Principi about 5 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Davide Principi
  • % Done changed from 20 to 30

#4 Updated by Davide Principi about 5 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 30 to 60

Test case

  • Verify migration of httpd-admin/ValidFrom to AllowHosts prop is consistent for different scenarios
  • Check new "Ssh" page: functionality, translation, documentation

#5 Updated by Davide Principi about 5 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing (6.6)
nethserver-base-2.5.3-18.0gite5ea7c9a.ns6_6.noarch.rpm
nethserver-base-2.5.4-5.0gitd2afe3e3.ns6.noarch.rpm
nethserver-httpd-admin-1.3.4-1.0git7dee675.ns6_6.noarch.rpm
nethserver-httpd-admin-1.3.5-1.3git127d000.ns6.noarch.rpm
nethserver-openssh-1.0.7-6.0gitcb5f3f94.ns6_6.noarch.rpm
nethserver-openssh-1.0.8-2.0gitb3cfe424.ns6.noarch.rpm

#6 Updated by Giacomo Sanchietti about 5 years ago

  • Assignee set to Giacomo Sanchietti

#7 Updated by Giacomo Sanchietti about 5 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 70 to 90

httpd-admin

Following tests are verified:

  • If ValidFrom is set to 0.0.0.0, access prop become public
  • If ValidFrom is set 10.0.0.0/24 and access is public, new access is public
  • If ValidFrom is set 10.0.0.0/24 and access is private, new access is private and AllowHosts is 10.0.0.0/24

SSH

After changing port:

Dec  9 14:19:28 localhost sshd[11795]: Server listening on 0.0.0.0 port 222.

SSH after disabling password access:

[root@localhost ~]# grep PasswordAuthentication /etc/ssh/sshd_config 
PasswordAuthentication no

After disabling root login:

[root@localhost ~]# grep Root /etc/ssh/sshd_config 
PermitRootLogin yes

Also inline help is good.

#8 Updated by Davide Principi almost 5 years ago

  • Category changed from <multiple packages> to nethserver-openssh

#9 Updated by Davide Principi almost 5 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

In nethserver-base 6.6
nethserver-openssh-1.0.8-4.0git9a4d1d80.ns6.noarch.rpm
nethserver-base-2.5.5-48.0gita30c1527.ns6.noarch.rpm
nethserver-httpd-admin-1.3.6-2.21git960213c.ns6.noarch.rpm

#10 Updated by Davide Principi over 4 years ago

Also available in: Atom PDF