Connecting to Webmin securely over an SSH tunnel
If your server is connected to the Internet and you use SSH to connect to it, you can secure it by disallowing Webmin from accepting any remote connections. You can then use an SSH tunnel to connect to Webmin. This lowers the potential attack surface of your machine and protects you against possible security vulnerabilities in Webmin itself. Any attacker would have to break into your SSH account or otherwise gain local access to your system to connect to Webmin.
Getting ready
Before you begin, you should follow the Restricting Webmin access to a specific IP recipe of this chapter and add the IP address 127.0.0.1 to the list of hosts allowed to connect to Webmin.
In this recipe, we'll be using the command line version of SSH that is available on most systems, but it is not available on Windows. Look in the There's more... section of this recipe for instructions specific to Windows.
How to do it...
Perform the following steps to securely connect...
