SWAT and SSL
Lots of people have asked about how to setup SWAT with SSL to allow for secure remote administration of Samba. Here is a method that works, courtesy of Markus KriegerMy modifications to the swat setup are as following:
- install OpenSSL
- generate certificate and private key
root# /usr/bin/openssl req -new -x509 -days 365 -nodes -config /usr/share/doc/packages/stunnel/stunnel.cnf -out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem
- remove swat-entry from [x]inetd
- start stunnel
root# stunnel -p /etc/stunnel/stunnel.pem -d 901 -l /usr/local/samba/bin/swat swat
Sources:
stunnel: http://www.stunnel.org/
openssl: http://www.openssl.org/