Guide: How to create secure login for rutorrent

randac56

Member
May 25, 2018
915
0
16
I think something like this should come in a README for rutorrent along with the .config file I've supplied

so after you've set it all up and sucessfully logged in you'll want to secure your rtorrent interface. I did this by using htdigest2 like it's done with mythweb. Pretty simple, you create a password file, then put the conf file in apache then restart apache.


First make the password file, you want to put it somewhere else other than in your webserver directory, like in /var/lib/apache2 or /etc/apache2/ or something

The first command with the -c will create the file, put it in a dir, give it a name, assign the realm, then give a username. After you hit enter it'll prompt you for a password. All of these can be changed as you like so long as you remember them for the .conf file after

Code:
htdigest2 -c /etc/apache2/rtorrent.password.digest rtorrent username
If you want other users to log in too you can add them to that same file with this:

Code:
htdigest2 /etc/apache2/rtorrent.password.digest rtorrent username

Second, go into the config folder for your distro, myne was /etc/apache2/conf.d/

Code:
vim rutorrent.conf
and paste the following code, then change the following lines as required:

AuthName "rtorrent"
AuthUserFile /etc/apache2/rtorrent.password.digest

Code:
<LocationMatch .*/pl/stream/[0-9]+/[0-9]+>
Allow from all
</LocationMatch>

<Directory "/srv/www/htdocs/rutorrent" >

AuthType Digest
AuthName "rtorrent"
AuthUserFile /etc/apache2/rtorrent.password.digest
Require valid-user
BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
Order allow,deny
Satisfy any
</Directory>

Third and last: restart apache

Code:
/etc/init.d/apache2 restart
done. grin.gif


If anyone can think of ways to improve this, or do it a completely different way but have it more secure please post!
 

peshua19

Member
May 25, 2018
897
0
16
if you want to make it as secure as possible, you should look into browser based ssl certificates.


this would make it where someone without the proper cert wouldn't be able to log in.
 

simur612

Member
May 25, 2018
879
0
16
Quote
I think something like this should come in a README for rutorrent along with the .config file I've supplied​

If you don't use plugin RPC or HTTPRPC, you must also defend with authorization /RPC2 mount point. Or move this mount point inside rutorrent directory.
 

simur612

Member
May 25, 2018
879
0
16
Quote
I've also got my settings as /RPC2 in config.php - is this correct?​


Dont understand. What correct? Settings in your config.php? I think - yes, if all working ok for you.
Guide? It is partially incorrect, you *must* defend with authorization /RPC2 mount point. Or move this mount point inside rutorrent root directory. As i already write above.
 

peshua19

Member
May 25, 2018
897
0
16
basically, what simur is saying is this:

when you use mod_scgi to create the mountpoint at /RPC2 , unless / is protected by soem form of authentication, /RPC2 will be open.

So, you can either:

Set authentication on /
set authentication on /RPC2

mount your scgi on the directory which you've previously set auth on (for instance /rutorrent/RPC2 )
 

lisas4567

Member
May 25, 2018
773
0
16
Greetings!
Got tired of torrentflux and installed rtorrent and this gui instead. Looks great. But I need a login hack since the server is available on the web.

I tried this recipie. Didn't really get it working. Now I get a "500 internal server error". By editing I can make it ignore the login, and by setting the auth to basic I can get it to ask for a username and passwd. But the username and passwd I've set doesn't work.

I don't understand what this mountpoint /RPC2 means... I dont have a RPC2 dir in my root?? Could anyone help please. I really want to set this up, and get it working with a login so random ppl don't download stuff to my server.
 

peshua19

Member
May 25, 2018
897
0
16
Quote
Greetings!
Got tired of torrentflux and installed rtorrent and this gui instead. Looks great. But I need a login hack since the server is available on the web.

I tried this recipie. Didn't really get it working. Now I get a "500 internal server error". By editing I can make it ignore the login, and by setting the auth to basic I can get it to ask for a username and passwd. But the username and passwd I've set doesn't work.

I don't understand what this mountpoint /RPC2 means... I dont have a RPC2 dir in my root?? Could anyone help please. I really want to set this up, and get it working with a login so random ppl don't download stuff to my server.​

the /RPC2 mountpoint is for the SCGI aspect of rtorrent

the way rtorrent communicates with web front ends is via a scgi "tunnel"

the typical method for creating this tunnel is via the webserver and a mod_scgi

the other method is to use the rutorrent addon RPC (or httprpc)
 

lisas4567

Member
May 25, 2018
773
0
16
Oke. I'm using ubuntu, and installde rtorrent through apt get. Also installed libapache2-mod-scgi through apt get and then the webui worked (after some small configs). But.... I have no idea what else to do to make it work. Followed this guide (only thing I changed was the dir to /var/www/rtorrent), and now I'm getting 500 internal server error when trying to browse that specific dir. What should I do?

Also, had to use "htdigest -c /etc/apache2/rtorrent.password.digest rtorrent username" instead of htdigest2. It was a tool from apache2-utils Can that be it?
 

lisas4567

Member
May 25, 2018
773
0
16
one more thing. the scgi_module _is_ loaded. the webui and rtorrent works fine if I remove all the steps done in this tit. so obviosly there must be something wrong with some of the steps, or something different for an ubuntu system than what has been used here... any ideas?
 

saroos1

Member
May 25, 2018
718
0
16
Quote
Oke. I'm using ubuntu, and installde rtorrent through apt get. Also installed libapache2-mod-scgi through apt get and then the webui worked (after some small configs)​


If I am correct this actually should not work , as you need rtorrent compiled with XMLRPC-C , as without that rtorrent & rutorrent do not work 100%
 

lisas4567

Member
May 25, 2018
773
0
16
Quote
Quote
Oke. I'm using ubuntu, and installde rtorrent through apt get. Also installed libapache2-mod-scgi through apt get and then the webui worked (after some small configs)​

If I am correct this actually should not work , as you need rtorrent compiled with XMLRPC-C , as without that rtorrent & rutorrent do not work 100%



You're partially correct. With the rtorrent available through apt, and the latest rutorrent from the official site, the main features work. I can also install new plugins. But configuring anything through the webui doesn't work, and with the auth setup mentioned above I was not able to login through firefox. Ie and chrome worked, firefox just halted on the loading screen. I can upload torrents, pause, delete, stop, read trackers, read seeds etc. though.
 

lisas4567

Member
May 25, 2018
773
0
16
Quote
if it is not compiled with xmlrpc-c it will not work period.



edit:

it seems the latest package of rtorrent on ubuntu FINALLY includes xmlrpc-c
(per http://packages.ubuntu.com/lucid/rtorrent )



I think firefox might have a problem with digest authentication....for maximum support use basic auth.


that's what I said;) But it's a bit old so I do get some errors. But I can configure in backend so it's no biggie.

Regarding auth: using basic. Digest didn't work at all. Got the 500 error.
 

randac56

Member
May 25, 2018
915
0
16
yah, they likely use the stable or old-stable version of xmlrpc-c

I tend to always use the svn-advanced version....gives you more functions.
 

shwetha17

Member
May 24, 2018
785
0
16
lucid now has rtorrent 0.8.6 but still old-stable xmlrpc

but packages still suck, compiling your software is far better for your system
 

lisas4567

Member
May 25, 2018
773
0
16
Quote
lucid now has rtorrent 0.8.6 but still old-stable xmlrpc

but packages still suck, compiling your software is far better for your system​



agreed.

you really need xmlrpc-c > 1.11
 

simur612

Member
May 25, 2018
879
0
16
Quote



First make the password file, you want to put it somewhere else other than in your webserver directory, like in /var/lib/apache2 or /etc/apache2/ or something

The first command with the -c will create the file, put it in a dir, give it a name, assign the realm, then give a username. After you hit enter it'll prompt you for a password. All of these can be changed as you like so long as you remember them for the .conf file after

Code:
htdigest2 -c /etc/apache2/rtorrent.password.digest rtorrent username

I've used
Code:
htdigest -c /etc/apache2/rtorrent.password.digest username1 username1instead[/color]


Second, go into the config folder for your distro, myne was /etc/apache2/conf.d/

Code:
vim rutorrent.conf
i've used
Code:
nano rutorrent.confinstead[/color]

and paste the following code, then change the following lines as required:

AuthName "username1"
AuthUserFile /etc/apache2/rtorrent.password.digest

Code:
<LocationMatch .*/pl/stream/[0-9]+/[0-9]+>
Allow from all
</LocationMatch>

<Directory "/srv/www/htdocs/rutorrent" >

AuthType Digest
AuthName "username1"
AuthUserFile /etc/apache2/rtorrent.password.digest
Require valid-user
BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
Order allow,deny
Satisfy any
</Directory>

Third and last: restart apache

Code:
/etc/init.d/apache2 restart




Hi...

I cann't make this work for me... When i try to access my rutorrent via https i get a "cant connect error" or something like this but via http is working correctly.

I'm under Debian Squeeze 64bit

Can anyone give me a hand on this???

cheers