Hello, I have been following this thread and am extremely interested in any solutions to the presented scenarios. We use OpenBSD to build firewall/Spam filtering boxes customized as needed by our customers.
I have been working on developing a Python client for Windows that would open/maintain an SSH connection by reading the windows username OR by having a configurable username/password that is stored (encrypted) on the client system. If only our customers would use BSD workstations...sigh... Alternatively we have looked at writing a small server piece that simply modifies the tables in PF as needed as well and custom writing a piece of software for the Win32 clients (again in python) that would do the same thing as above - just it would communicate with the custom server. The only issue we have with the second option is security concerns as we are not hard-core programmers at heart so I would prefer the simpler scripted solution. In that light - the first solution would be better from our point of view - but I am sure there is a flaw in it somewhere. As to when the client disconnects - the ssh session will close when the system is turned off - and we can also have a notification icon on the taskbar to control the connection. While a web-based solution would be more than ideal - I think what I have will work. What our clients need is a piece of software that doesn't require much user interaction - even Putty would be hard to convince them to use. So we hide everything behind a pretty GUI and do the same things through a custom written app. Please feel free to tear my every simple plan to shreds....I can take it. Thanks, Brian Shackelford -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lars Hansson Sent: Monday, September 18, 2006 4:10 AM To: [email protected] Subject: Re: webbased authpf ? On Monday 18 September 2006 16:01, Bryan Irvine wrote: > Yes but does authpf have a mechanism for understanding this? You could insert the Ip address into the authpf_users table (or whatever table you want, really) but you'd still have the good ole problem of reliably detecting user "logout" or disconnection. --- Lars Hansson
