[K12OSN] TC wifi initializtion - concept
jim.kinney at gmail.com
Tue Apr 8 19:05:57 UTC 2014
Same encryption algorithms on ssh and openvpn. Ssh through VPN is bloated
and overkill for k12 needs. Can manage ssh keys with freeIPA on centos6 as
ssh knows through Pam to check LDAP for user keys (slick!). Big issue is
requiring password on ssh keys for users.
On Apr 8, 2014 2:10 PM, "Roger Nutbeam" <gnutbeam at gmail.com> wrote:
> I know both will use ssh tunneling, but I find a VPN easier to manage on a
> larger scale than ssh clients, keys and tunnels. It also doesn't give me
> the warm fuzzies forwarding ssh through my firewall to internal machines.
> On Tue, Apr 8, 2014 at 12:52 PM, Les Mikesell <lesmikesell at gmail.com>wrote:
>> On Tue, Apr 8, 2014 at 12:43 PM, Roger Nutbeam <gnutbeam at gmail.com>
>> > You'd definitely want to run your outside<-in connections over a VPN
>> too. I
>> > use OpenVPN and it works well.
>> That's always a good idea - but both NX and x2go will use ssh for
>> their connection and tunnel everything through it anyway. X2go will
>> also transparently fire up a pass-through connection using rdp to a
>> windows desktop if you need remote access and want the
>> encryption/compression/caching features.
>> Les Mikesell
>> lesmikesell at gmail.com
>> K12OSN mailing list
>> K12OSN at redhat.com
>> For more info see <http://www.k12os.org>
> K12OSN mailing list
> K12OSN at redhat.com
> For more info see <http://www.k12os.org>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the K12OSN