I found the way to keep the current schema more secure. I did a coulpe of commits about that. Now using the ssh key allows only to open remote port redirections (supporting recovery shell notifications) and upload files to the data folder. I think that's enough for a quick costless solution. If dropbear gives the possibility to ignore the server host key we can also support management server migrations. -Walter Il giorno 28/mag/2011 07.43, "Srikanth Sundaresan" ha scritto: > This is good stuff. I think it's a good idea to test these out; the current solution is quite elegant, but the security holes are worrisome. > > - Srikanth > On May 28, 2011, at 5:39 AM, Dave Taht wrote: > >> I have put my thoughts towards VPNs up on the wiki at: >> >> http://www.bufferbloat.net/projects/bismark/wiki/VPN_solutions_under_evaluation >> >> Completely outside for the scope of the existing tunneling scheme, I have had multiple requests for a working vpn solution from outside of this project, so I hope to spend a little time next week looking into the problems and alternatives as I catch up on cerowrt and iscwrt. >> >> However, if you have any thoughts towards requirements or would be willing to join in a test, >> please add them to the wiki page. >> >> -- >> Dave Täht >> SKYPE: davetaht >> US Tel: 1-239-829-5608 >> http://the-edge.blogspot.com >> _______________________________________________ >> Bismark-devel mailing list >> Bismark-devel@lists.bufferbloat.net >> https://lists.bufferbloat.net/listinfo/bismark-devel > > _______________________________________________ > Bismark-devel mailing list > Bismark-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/bismark-devel >