Make Webadmin Secure via Https://

[DomineauX]

Hello all,
I am new to TS however I am a webhosting server admin for 3 companies full time totalling 13 Redhat Enterprise Linux servers.
My question is something that I was surprised to not find any mention of on this forum so far:

how can the webadmin be configured to run via https://IP.add.re.ss:14534 to make use of SSL encryption? Just seems a bit insecure to connect to the webadmin with admin or superadmin rights and send the password through the internet to the server completely unencrypted. In fact, I have read threads mentioning that TS has no security holes, and unless I am mistaken, this should make consideration as a security hole. At least as big of a hole as "a duped admin" who makes the mistake of giving his password, or SA rights to someone who is not completely trustworthy.

If anyone knows of a way to enable SSL access to the webadmin, I sure would feel much better about the idea of potentially using this as a revenue stream. (just learning it by setting it up for a friend at the moment, but hope to see that it would be a good additional hosting package in the future.)

Thanks

[Leyte]

These directions may be what your needing.

Webmin with SSL

Cheers!

[Bruisah]

Um, are you sure?

I think DomineauX means using SSL with the Teamspeak webadmin GUI, not the well known and loved webmin GUI for *nix!

If you really mean that SSL can be set up for the TS web interface using the webmin config, let me know 'cos I'd like to do that too!

Regards,

Bruisah

[Leyte]

Um, are you sure?

I think DomineauX means using SSL with the Teamspeak webadmin GUI, not the well known and loved webmin GUI for *nix!

If you really mean that SSL can be set up for the TS web interface using the webmin config, let me know 'cos I'd like to do that too!

Regards,

Bruisah

My Bad... Your right there, I was talking Webmin.

[E-Razor]

got something for ya!

well, first of all gernerate a new certificate

cd /var/lib/teamspeak2-server/ssl
openssl req -new -x509 -nodes -out teamspeak2.pem -keyout teamspeak2.pem -days 900

now create our stunnel config:

echo 'client=no
transparent=no
debug=7
output=/var/log/teamspeak2-server/stunnel.log
cert=/var/lib/teamspeak2-server/ssl/teamspeak2.pem
setuid=teamspeak2
pid=/var/run/teamspeak2-server/stunnel.pid

TIMEOUTbusy=10
TIMEOUTclose=1
TIMEOUTidle=1

[stunnel]
accept=14535
connect=127.0.0.1:14534
' > /var/lib/teamspeak2-server/stunnel.conf

i used the tiny timeouts cos stunnel got problems with the login-page.

setup our permissions:
chown -R teamspeak2:root /var/lib/teamspeak2-server/


and start stunnel
stunnel /var/lib/teamspeak2-server/stunnel.conf

that one should work for killing the right stunnel:
kill $(cat /var/run/teamspeak2-server/stunnel.pid)

thats all :-)