[KLUG Members] Secure access options.
Bryan J. Smith
members@kalamazoolinux.org
11 Jun 2002 19:20:07 -0400
On Tue, 2002-06-11 at 17:09, Randall Perry wrote:
> We are adding a new warehouse in Florida. We are also adding a couple
> of people (as individuals) in other states. My initial thought was to
> connect the Florida to Indiana with FreeSwan to connect network to
> network.
I'd use something that uses Blowfish for reduced overhead. VPNd works
well: http://sunsite.dk/vpnd/
But I'm a well-known Blowfish bigot. I trust it more than the even
Rijndel/AES for somethings, which is designed more for smartcards.
> We have an ACHES Unix box that the salesmen need to access
> from their laptops. I was thinking SSH tunneling using Putty.
I like SSH because I'm NOT opening up my entire network to any
compromise of a remote desktop. Assuming Putty it does the later SSH2
protocols, that's a good idea.
You could also install Cygwin and have it run a BASH script on startup
to call OpenSSH. The idea behind using Cygwin is that it is very easy
to update and keep current. I also make Cygwin/X standard on all my
Windows systems so I use whatever it has before I download anything else
I may or may not trust (yes, putty is something you can):
http://www.cygwin.com
> Anyone have any suggestions for improvement? Do any dialup services
> have issues implementing such a solution?
I've never run into a service that blocks port 22. And you could always
use a non-standard port if needbe.
> I want to do this without paying for a PVC hosted by telco. Thanks
> for your input.
In today's Internet, as long as you are careful in what you do, there is
no reason you cannot leverage the Internet's infrastructure for your
business.
-- Bryan
P.S. I'm in Orlando. Where are you guys opening up? Do you need a
Linux guru? If so, consider me. I'm looking for employment. My latest
resume/skills/references are always here: http://thebs.org/Resume
--
Bryan J. Smith, E.I. SmithConcepts, Inc.
(407)489-7013 (Mobile) http://SmithConcepts.com
mailto:b.j.smith@ieee.org Consulting Engineers and
BS Computer Engineering IT Professionals
CompTIA Linux+ Certified Vendor Independent Solutions