Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] SSH tunneling restrictions

Patrick Niessen wrote:

> Most articles describe the bridged mode, 
> which I don't want to use as it requires "safe" client computers.

Using ssh instead of a VPN will not avoid the need to keep your 
client computers "safe". 

Any password you type on a compromised computer is also 
compromised. Any keys you store on a compromised computer 
(or access from a compromised computer, such as from a 
USB flash drive) are also compromised. Any encrypted traffic 
that is encrypted or decrypted on a compromised computer, 
is also compromised. 

Consider having your clients boot a live-CD (such as Knoppix 
or Puppy Linux) to do your sensitive stuff, regardless of 
whether you use a VPN or ssh. 
You might want to make a custom live-CD disk. 


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links