[KLUG Members] Are there any _secure_ VPN solutions for Linux?

[Adam Williams]

> >  http://www.cs.auckland.ac.nz/~pgut001/pubs/linux_vpn.txt
> >I'm not sure what to make out of some of his comments (especially the
> >Churchill reference).  Anyone care to offer their translation?  
> Can't help with your vpn search, but the Churchill reference is from his 
> quote about democracy that went something like this: Democracy is the 
> worst form of government, except for all the others."  Translation, it 
> ain't great, but it's the best we've got. 

The exact quote goes "Democracy is the worst form of government except
all those other forms that have been tried from time to time.",
according to my quote book.  And while attributed to Winston, there is a
note about speculation whether this is an "original" statement or was he
paraphrasing someone else (no shock, Winston was kind of a rube from
everything I've read).

> The article paraphrases and says "SSL is the worst way to build a VPN, 
> except for all the others"  Translation: it ain't great, but it's the 
> best we've got.  So, he thinks building a VPN using SSL is the -best- 
> existing method.

Right; the author seems to mean you have two reasonable options: ipsec
(ludicrously complicated and a pain to administrate) or ssl (a bit of a
kludge and not real efficient).