Notices


Reply
Thread Tools
Posts: 26 | Thanked: 12 times | Joined on Dec 2012
#11
Hi hypnotoad123,

Originally Posted by hypnotoad123 View Post
Hi,
is your server https (it should be) or http? Network unreachable does not sound like an owncloud problem.
my server is only binded in http... could this be the problem???


Originally Posted by hypnotoad123 View Post
is it availabe for adding to the desktop?
I don't understand what you mean... but ok it is not so important right now...

Thank you
 
Posts: 1,365 | Thanked: 1,555 times | Joined on Jun 2010 @ Göteborg, Sweden
#12
Originally Posted by enekux View Post
my server is only binded in http... could this be the problem???
I guess it is as I see the same thing. Indeed, one should use https but my initial test was on a test-server on my Lan behind an openwrt firewall/router. Have yet to enable ssl on apache2.
 

The Following User Says Thank You to handaxe For This Useful Post:
Posts: 26 | Thanked: 12 times | Joined on Dec 2012
#13
Hi,

actually I have managed to sync it also having http.

You have to modify the script "/usr/bin/simple_oc" on the line 56 where it says:

"ownclouds://${user}:${passwd}@${oc_url}/remote.php/webdav"

and you remove the 's' from "ownclouds"...

Well this is my workaround... I don't know if from the security perspective this is secure...

any comments?

Thank you
 

The Following User Says Thank You to enekux For This Useful Post:
Posts: 1,365 | Thanked: 1,555 times | Joined on Jun 2010 @ Göteborg, Sweden
#14
Originally Posted by enekux View Post
You have to modify the script "/usr/bin/simple_oc" on the line 56 where it says:

"ownclouds://${user}:${passwd}@${oc_url}/remote.php/webdav"

and you remove the 's' from "ownclouds"...

... I don't know if from the security perspective this is secure...

any comments?
Thanks! Smart work.

In general in a NSA dominated world using ssl (https) is a better bet. But if you care not that someone might snoop, then by all means http it is.

If you run your own server, a self signed certificate (needed for a httpd to run ssl) is just fine, as it will spawn warnings but who cares and you then get the high-grade encryption. But nothing is REALLY secure nowadays unless you really know wots wot, so YMMV.
 
Posts: 2,101 | Thanked: 1,927 times | Joined on Sep 2008 @ Berlin, Germany
#15
If i am not mistaken, ${user}, ${passwd} and {oc_url} will be fetched from the file ~/.simple_oc.cfg to log in to your account.
 

The Following User Says Thank You to michaaa62 For This Useful Post:
Posts: 1,365 | Thanked: 1,555 times | Joined on Jun 2010 @ Göteborg, Sweden
#16
Originally Posted by michaaa62 View Post
If i am not mistaken, ${user}, ${passwd} and {oc_url} will be fetched from the file ~/.simple_oc.cfg to log in to your account.
You are not, but that file does not specify connection protocol (it stores what one enters in the "first use" sequence, and that mentioned not using "http" etc in the url). I have not tested but the "s" seems reasonable as a specifier for https as opposed to http.

PS. Can folk install this using HAM/FAM? For some or other effing reason I cannot see it in the repos using those, though I can download it and use "dpkg -i" (sigh!).

Last edited by handaxe; 2014-01-31 at 23:51.
 

The Following 2 Users Say Thank You to handaxe For This Useful Post:
Posts: 32 | Thanked: 71 times | Joined on Dec 2011
#17
The packages are promoted for extras-testing now.

Furthermore, I will implement a simple update to use http connections instead of https, but I would rather recommend to use https since not only the password and username are transferred unencrypted, but also all the data. I think the "nothing is secure"-argument should not be used to omit any kind of data protection.
 

The Following 3 Users Say Thank You to hypnotoad123 For This Useful Post:
Posts: 1,365 | Thanked: 1,555 times | Joined on Jun 2010 @ Göteborg, Sweden
#18
Originally Posted by hypnotoad123 View Post
Furthermore, I will implement a simple update to use http connections...
One other thing: as I have a self-signed ssl cert. I keep getting prompted for "yes" with each sync.
 
Posts: 32 | Thanked: 71 times | Joined on Dec 2011
#19
The easiest way is to put the ca of your self-signed cert to the right location. Unfortunately, I did this a long time ago and forgot how I did this.

I guess, it works as follows:
As root put your root ca's certificate (starts with "--- begin certficate---") to the /etc/ssl/certs folder. Then run c_rehash. Afterwards, the certificate should be known to openssl.
 

The Following User Says Thank You to hypnotoad123 For This Useful Post:
Posts: 1,365 | Thanked: 1,555 times | Joined on Jun 2010 @ Göteborg, Sweden
#20
@ hypnotoad123: thanks for the update......
 
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 17:51.