As I said, the VPN part is more to save having to set up local port forwarding and DynDNS, especially as my Dad is with BT, and their default response with the home hub is "Press the reset button on the side of the router. Does it work now?"
OpenVPN configuration is pretty straightforward, here's my config file for my laptop: client dev tun proto udp remote MyHostName 1194 resolv-retry infinite nobind persist-key persist-tun ca ca_Jon_EEE.crt cert Jon_EEE.crt key Jon_EEE.key ns-cert-type server comp-lzo float keepalive 10 120 And on my server: client-to-client comp-lzo persist-key persist-tun ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/Server.crt dh /etc/openvpn/keys/dh1024.pem ifconfig-pool-persist /tmp/ipp.txt key /etc/openvpn/keys/Server.key max-clients 64 port 1194 status /tmp/openvpn.clients 15 status-version 2 syslog openvpn verb 3 push "route 10.8.0.0 255.255.255.0" dev tun server 10.8.0.0 255.255.255.0 proto udp client-config-dir /etc/openvpn/ccd writepid /var/run/openvpn-openvpn.pid Once you've got the server-side all set up, the "complicated" bit, is setting up SSL certificates - and that's easily scriptable too. For the pain of a few bits of trial-and-error, you get to forget about anything else at their end, but like all things IT, there are very many more ways to solve things than one, and each one has their own benefits and disadvantages. This is just my preferred way of doing it. -- Jon "The Nice Guy" Spriggs On 21 May 2011 16:27, Alan Pope <a...@popey.com> wrote: > On 21 May 2011 15:55, Jon Spriggs <j...@sprig.gs> wrote: >> How will you be supporting it? >> > > Good question. I don't know if I will yet. However what i did for my > mum was setup a dyndns address which automatically updates whenever > their her IP changes. > > I can then ssh into her machine via the dyndns hostname, or I can use > vnc over ssh with:- > > vncviewer localhost -via mumshostname.dyndns.org > > That gives me an encrypted tunnel over which VNC runs, and I can avoid > any VPN setup :) > > In terms of laptops being stolen I tend to install preyproject. > > Cheers, > Al. > > -- > ubuntu-uk@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk > https://wiki.ubuntu.com/UKTeam/ > -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/