Secure entry into remote systems
Jeremy Brown
jeremy at cadre5.com
Wed May 19 05:12:34 UTC 2004
Edward wrote:
> I've used ssh locally before, and that is really simple to set up, but
> because of the open hole I'll be creating my question is really:
> Should I be learning about setting up VPN tunnels into their systems
> instead?
I may be a bit naive, but I've always assumed that ssh was relatively
secure (I know of several businesses and universities that leave SSH
servers open to the net at large). I know several Microsoft-y VPN
implementations have known security issues (e.g. PPTP), so I tend to
trust them a bit less. Although I'm sure there are very secure open
source VPN solutions out there.
I set up Poptop last year:
http://www.poptop.org/
It's a PPTP server. I remember it being hard to set up
though...required a hard-to-build kernel module, and uses a modified
version of pppd to serve incoming VPN connections. I seem to recall
googling a bit though and finding RPMS or SRPMS that could be used with
Fedora core.
Also because of the nature of the way it authenticates
(challenge/response) Poptop can't use PAM, so you are stuck using
chap-secrets.
Hope this helps.
Jeremy
More information about the users
mailing list