Star Hype News.

Premium celebrity moments with standout appeal.

general

How do you administer CUPS remotely using the web interface?

By John Thompson

I have an Ubuntu server in my apartment and I just got a printer, so it's time to share!

In the past I've used CUPS on my Desktop and I'd just point the browsers to localhost:631 to set things up. Can I used the web based admin tools remotely?

I've been playing with the /etc/cups/cupsd.conf file and am currently at the point where I can direct a browser on my LAN to server-ip:631 but I'm getting the 403 Forbidden error.

If it's not possible or it's a bad idea for security reasons to allow remote administrator of CUPS, would it be possible to accomplish this using an SSH tunnel to the sever?

4 Answers

I found this way to be simpler.

# cupsctl --remote-admin --remote-any --share-printers

It will update the /etc/cups/cupsd.conf file and restart cups for you, saving a backup of the previous configuration in the same folder.

It's the similar to the method presented in the official CUPS guide to printer sharing. I found the options --remote-admin in man cupsctl.

6

The way I normally achieve this is to tunnel over ssh via an arbitrary port:

ssh admin@10.36.8.43 -T -L 3631:localhost:631

Secure, and allows remote access. Won't solve all problems but useful for irregular access.

2

Mission achomplished! This page helped me out a lot.

All I had to do was add "Allow all" to to the access to the server and the admin pages so that my configuration now looked like:

# Restrict access to the admin pages...
<Location /admin> Order allow,deny Allow all
</Location>
# Restrict access to configuration files...
<Location /admin/conf> AuthType Default Require user @SYSTEM Order allow,deny
</Location>

Now I just need to figure out to only allow those on my local network to access the admin pages and the configuration files :) (though it's probably not a big deal since I don't have port forwarding for 631 set up on the router?).

EDIT: To only allow a certain computer I could have done something like

<Location /admin> Order allow,deny Allow from 10.10.10.5
</Location>

Or for the whole 10.10.10 subnet,

<Location /admin> Order allow, deny Allow from 10.10.10.*
</Location>
0

You might need to add the following line to your CUPS configuration file (/etc/cups/cupsd.conf):

Listen 127.0.0.1:631 # existing loopback Listen
Listen /var/run/cups/cups.sock # existing socket Listen
// this two line
// replace 192.168.10.250 with ur only ip
Listen 192.168.10.250:631 # Listen on the LAN interface, Port 631 (IPP)
Port 631 # Listen on port 631 on all interfaces
//
  • Reference:

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

Related Archive

More in general