From: Walter de Donato <walter.dedonato@unina.it>
To: Srikanth Sundaresan <srikanth@gatech.edu>
Cc: bismark-devel@lists.bufferbloat.net
Subject: Re: [Bismark-devel] vpn thoughts
Date: Sat, 28 May 2011 09:07:28 +0200 [thread overview]
Message-ID: <BANLkTikTHnqHXG=Vzf5QqHed78wrJyQL4A@mail.gmail.com> (raw)
In-Reply-To: <9D0E918C-6A80-47A1-8CA4-DDACE9E6B426@gatech.edu>
[-- Attachment #1: Type: text/plain, Size: 1772 bytes --]
I found the way to keep the current schema more secure.
I did a coulpe of commits about that.
Now using the ssh key allows only to open remote port redirections
(supporting recovery shell notifications) and upload files to the data
folder.
I think that's enough for a quick costless solution.
If dropbear gives the possibility to ignore the server host key we can also
support management server migrations.
-Walter
Il giorno 28/mag/2011 07.43, "Srikanth Sundaresan" <srikanth@gatech.edu> ha
scritto:
> This is good stuff. I think it's a good idea to test these out; the
current solution is quite elegant, but the security holes are worrisome.
>
> - Srikanth
> On May 28, 2011, at 5:39 AM, Dave Taht wrote:
>
>> I have put my thoughts towards VPNs up on the wiki at:
>>
>>
http://www.bufferbloat.net/projects/bismark/wiki/VPN_solutions_under_evaluation
>>
>> Completely outside for the scope of the existing tunneling scheme, I have
had multiple requests for a working vpn solution from outside of this
project, so I hope to spend a little time next week looking into the
problems and alternatives as I catch up on cerowrt and iscwrt.
>>
>> However, if you have any thoughts towards requirements or would be
willing to join in a test,
>> please add them to the wiki page.
>>
>> --
>> Dave Täht
>> SKYPE: davetaht
>> US Tel: 1-239-829-5608
>> http://the-edge.blogspot.com
>> _______________________________________________
>> Bismark-devel mailing list
>> Bismark-devel@lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/bismark-devel
>
> _______________________________________________
> Bismark-devel mailing list
> Bismark-devel@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/bismark-devel
>
[-- Attachment #2: Type: text/html, Size: 2523 bytes --]
prev parent reply other threads:[~2011-05-28 6:52 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-05-28 1:39 Dave Taht
2011-05-28 5:43 ` Srikanth Sundaresan
2011-05-28 7:07 ` Walter de Donato [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='BANLkTikTHnqHXG=Vzf5QqHed78wrJyQL4A@mail.gmail.com' \
--to=walter.dedonato@unina.it \
--cc=bismark-devel@lists.bufferbloat.net \
--cc=srikanth@gatech.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox