On Sun, Mar 28, 2010 at 7:16 PM, Michael Richardson wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
>> "Chris" == Chris Travers writes:
> >> As far as I'm concerned, SSH tunnels (from windows, using
> >> passwords), SSL (HTTPS), IPsec (using PSK), and OpenVPN (often
> >>
Yeah, can't get rid of the corp mentality and it seems a committe is still
needed prior to upgrading our back office solutions. Yeah, it was 7.3 in
2002, upgraded to its terminal 9 release, and not until 2009 we upgraded
to Centos 5.3. I don't remember it returned anything when I tried yum
search o
> I disagree.
>
> If you are using passwords with SSH, IPsec (PSK), or OpenVPN, then it
> is equivalent to HTTPS using passwords. Sure there are some minor
> differences in terms of resistance to SYN attacks, and stuff like
> that, but I think that is minor.
>
> What I'm implying is that if you ar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> "Chris" == Chris Travers writes:
>> As far as I'm concerned, SSH tunnels (from windows, using
>> passwords), SSL (HTTPS), IPsec (using PSK), and OpenVPN (often
>> using PSK) are all pretty much equivalent in security. HTTPS is
On Sun, Mar 28, 2010 at 8:11 AM, Michael Richardson wrote:
>
> I'm also one of the maintainers of Openswan.
>
> CISCO VPN adapters are not IPsec compliant, btw.
> The are hacks in Openswan to make it work with "CISCO VPN Adapters" (not
> to be confused with CISCO IPsec solutions).
>
> OpenVPN has
> "Chris" == Chris Travers writes:
Chris> When I build a VPN, I prefer to do it using
Chris> standards-compliant tools. OpenSSH, while
Chris> standards-compliant isn't particularly scalable. OpenVPN
Chris> while fairly scalable wasn't based on any standards last time
Chr
On Sat, Mar 27, 2010 at 12:06 PM, Tim Lai wrote:
> Try openswan way back redhat7.3. Can't get it to compile. Is openswan
> easier to implement now? We are always short of time so had to take
> the easier path. Tim
OpenSWAN on RH 7.3? RedHat always made custom kernel modules a bit of
a problem to
I use openswan for about 15 of my clients. As Chris said, it has some
big advantages in that besides linux, mac and windows can connect to it
using native and standards-compliant software built into the os, and it
also supports a configuration where one side of the connection can be a
dynamic addr
Try openswan way back redhat7.3. Can't get it to compile. Is openswan
easier to implement now? We are always short of time so had to take
the easier path. Tim
Sent from my iPhone
On Mar 27, 2010, at 9:14 AM, Chris Travers
wrote:
> particularly scalable.
> OpenVPN while fairly scalable was
My two cents here:
When I build a VPN, I prefer to do it using standards-compliant tools.
OpenSSH, while standards-compliant isn't particularly scalable.
OpenVPN while fairly scalable wasn't based on any standards last time
I checked. I usually use OpenS/wan in the past. The nice thing about
Op
Hi Luke,
Luke wrote:
> On Sat, 27 Mar 2010, David Godfrey wrote:
>
>> We Looked at openvpn and other VPN options, but there are limitations,
>
> We?
We as in we here at SBTS and some of our customers.
>
>> including the setup requirements, and issues with dynamic IP's
>
> Which issues are t
Use openvpn for six years now. It works great, except for remote login
from iPhones. Some of the phones got upgraded to the latest firmware
and can't be jailedbreaked, so no openvpn support. Then again, there
is no official support of openvpn on iPhones. The tmp
solution...random dir name a
On Sat, 27 Mar 2010, David Godfrey wrote:
> We Looked at openvpn and other VPN options, but there are limitations,
We?
> including the setup requirements, and issues with dynamic IP's
Which issues are those? Given that I do it on a daily basis, I am
curious.
> It currently does require that
Hi Luke
We Looked at openvpn and other VPN options, but there are limitations,
including the setup requirements, and issues with dynamic IP's
The solution we have allows simple remote connection from any machine,
providing you have the required auth tokens.
other than the requirement for the c
Wouldn't OpenVPN be a bit more robust for that application?
Not that ssh is the wrong way, just that if you know the endpoints most of
the time, OpenVPN gives you a more stable connection.
It also has the upside of not having much issue with firewalls.
Luke
On Sat, 27 Mar 2010, David Godfrey w
Hi Richard,
Please contact me off list. I have a set of scripts that should allow
you do "painlessly" make remote connections via an ssh tunnel.
Eventually I will publish these scripts at
http://www.sbts.com.au/lsmb/addons.php but for now there is a bit too
much modification required for any s
You need to post the relevant portion of the apache error log.
On Fri, 26 Mar 2010, beamends wrote:
> Hi All,
> not strictly a LSMB issue.
>
> I'm trying to login from a remote location (i.e. the other side of our
> router), but after the "small" login screen that usually vanishes to be
> re
Hi All,
not strictly a LSMB issue.
I'm trying to login from a remote location (i.e. the other side of our
router), but after the "small" login screen that usually vanishes to be
replaced by the real LSMB login screen Apache throws up "Internal Server
Error". I've been here before but for the l
18 matches
Mail list logo
