Secure remote control of Transmission over the internet

Discussion of the Web Interface for Transmission, formerly known as Clutch. This applies to all version of Transmission
Post Reply
slinkware
Posts: 1
Joined: Tue Jun 01, 2010 1:00 am

Secure remote control of Transmission over the internet

Post by slinkware »

All,

Hope you do not take offense to this semi-commercial post. Just posted a blog entry on how you can use Transmission web interface securely over the internet using Slink. You may find it interesting:

http://slinkware.com/2010/06/secure-rem ... nsmission/

Slink is a Mac remote access solution that tunnels Bonjour sessions, like the Transmission web interface. Happy to answer any questions! I wish more Mac apps were Bonjour enabled like Transmission is...

--Olof, Slink developer
killemov
Posts: 440
Joined: Sat Jul 31, 2010 5:04 pm

Re: Secure remote control of Transmission over the internet

Post by killemov »

The common solution would be to configure a proxy as an entry-point for https. Like https://trac.transmissionbt.com/wiki/WebProxy but configured for https.
Sino
Posts: 11
Joined: Sat Jun 19, 2010 1:43 pm

Re: Secure remote control of Transmission over the internet

Post by Sino »

killemov wrote:The common solution would be to configure a proxy as an entry-point for https. Like https://trac.transmissionbt.com/wiki/WebProxy but configured for https.
yup, but I tryed a lot and I still get stuck with the 409 error everything is nice I got a windows pop with port 443 asking me my login and pass ( so i'm connected with ssl ) and then :

Code: Select all

409: Conflict

Your request had an invalid session-id header.

To fix this, follow these steps:

When reading a response, get its X-Transmission-Session-Id header and remember it
Add the updated header to your outgoing requests
When you get this 409 error message, resend your request with the updated header
This requirement has been added to help prevent CSRF attacks.

X-Transmission-Session-Id: H0mpgJvAUjN1i9g6tUdjRDK6X8Mu6dfXbb2tvg13dUaEFnLX
I already talked about it there viewtopic.php?f=8&t=10306 and there viewtopic.php?f=8&t=8393

Finally I decided to let it be :/ But it's not good at all since I cannot access to it from some office where port 9091 isn't allowed to connect for. 80 is 443 too but not the transmission rpc by default.

Also with port 80 without ssl it does work but only if I was logged in before using the :9091 with the same browser.

I must have miss something important but I checked and I don't see what.

If somebody got an idea it's on dl.comfun.org/transmission
Post Reply