hits
Administrating Remote Cherokee Servers
There is something about the Cherokee administration interface that have been generating the same question over and over again since we released the first version a few weeks ago: "How can I administer a remote server?".
The configuration interface server (cherokee-admin) binds only the local network interface, so it is not possible access it from anyway else by the machine where the server is running.
There are two possibilities if you really want to access the administration server remotely:
You can launch cherokee-admin with the --bind parameter. In this case the server would bind to the new specified interface; most probably your local network interface.
This case is the easiest one, but also the most dangerous case as well: anyone on your local network would be able to access the server configuration, which does not look like something desirable.
The second option is in my opinion the right approach to the problem. The basic idea is to run cherokee-admin on the local interface, and then create a SSH tunnel from your machine to that local port in the remote server.
You need SSH access to the web server box, but we can assume it is granted to you - at the end of the day, you are the web server admin. So, the easiest way to run the server and map the TCP port would be:
ssh -L 9090:localhost:9090 remote-web-server "sudo cherokee-admin"
after which you could browse the remote administration interface in http://localhost:9090/
I hope this help to clarify things.. :-)
Comments
What about exposing the administration interface over some secure HTTP based authentication? For instance, SPNEGO.
