Before opening SSH to the wordld, you might contemplate encapsulating it with stunnel. It also helps with paranoid firewalls ;-)
-----Original Message----- From: Stefanie Leisestreichler <stefanie.leisestreich...@peter-speer.de> Sent: Tuesday, February 14, 2023 4:42 PM To: openvpn-users@lists.sourceforge.net Subject: [Openvpn-users] openVPN vs openSSH for single user access Hi. I like openVPN, it is a cool piece of software :) For years I've been reading this list. Always a good source for great info, thanks! Today I am asking for your advice. I need to grant access to one machine to an user who is able to use a terminal. The whole net is a small one without the need for openvpn to manage it since now. I am thinking about giving this single use the possibility to connect to the machine (running in DMZ) via ssh access, dnatted over the public internet. The sshd will be kept updated (arch linux as os). Auth will be made using public/private cert. What do you think? Steffi _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten. This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages. _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
