[KLUG Members] Secure access options.

Bryan J. Smith members@kalamazoolinux.org
11 Jun 2002 19:20:07 -0400

Previous message: [KLUG Members] Secure access options.
Next message: [KLUG Members] Re: Secure access options. -- Formal Apology for "List Abuse"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2002-06-11 at 17:09, Randall Perry wrote:
> We are adding a new warehouse in Florida.  We are also adding a couple
> of people (as individuals) in other states.  My initial thought was to
> connect the Florida to Indiana with FreeSwan to connect network to
> network.

I'd use something that uses Blowfish for reduced overhead.  VPNd works
well:  http://sunsite.dk/vpnd/

But I'm a well-known Blowfish bigot.  I trust it more than the even
Rijndel/AES for somethings, which is designed more for smartcards.

> We have an ACHES Unix box that the salesmen need to access
> from their laptops.  I was thinking SSH tunneling using Putty.

I like SSH because I'm NOT opening up my entire network to any
compromise of a remote desktop.  Assuming Putty it does the later SSH2
protocols, that's a good idea.

You could also install Cygwin and have it run a BASH script on startup
to call OpenSSH.  The idea behind using Cygwin is that it is very easy
to update and keep current.  I also make Cygwin/X standard on all my
Windows systems so I use whatever it has before I download anything else
I may or may not trust (yes, putty is something you can): 
http://www.cygwin.com 

> Anyone have any suggestions for improvement? Do any dialup services
> have issues implementing such a solution?

I've never run into a service that blocks port 22.  And you could always
use a non-standard port if needbe.

> I want to do this without paying for a PVC hosted by telco.  Thanks
> for your input.

In today's Internet, as long as you are careful in what you do, there is
no reason you cannot leverage the Internet's infrastructure for your
business.

-- Bryan

P.S.  I'm in Orlando.  Where are you guys opening up?  Do you need a
Linux guru?  If so, consider me.  I'm looking for employment.  My latest
resume/skills/references are always here:  http://thebs.org/Resume

-- 
Bryan J. Smith, E.I.                    SmithConcepts, Inc.
(407)489-7013 (Mobile)             http://SmithConcepts.com
mailto:b.j.smith@ieee.org          Consulting Engineers and
BS Computer Engineering                    IT Professionals
CompTIA Linux+ Certified       Vendor Independent Solutions

Previous message: [KLUG Members] Secure access options.
Next message: [KLUG Members] Re: Secure access options. -- Formal Apology for "List Abuse"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]