Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] SSH tunneling restrictions
- Date: Mon, 14 Aug 2006 21:07:32 -0400
- From: Jim <jep200404@example.com>
- Subject: Re: [tlug] SSH tunneling restrictions
- References: <2d4c9c600608140141m6dfab76hb310e075a5da5d07@example.com> <20060814141238.92415.qmail@example.com> <2d4c9c600608141742j4f304935l2bb60ca854bbb7c6@example.com>
Patrick Niessen wrote: > Most articles describe the bridged mode, > which I don't want to use as it requires "safe" client computers. Using ssh instead of a VPN will not avoid the need to keep your client computers "safe". Any password you type on a compromised computer is also compromised. Any keys you store on a compromised computer (or access from a compromised computer, such as from a USB flash drive) are also compromised. Any encrypted traffic that is encrypted or decrypted on a compromised computer, is also compromised. Consider having your clients boot a live-CD (such as Knoppix or Puppy Linux) to do your sensitive stuff, regardless of whether you use a VPN or ssh. You might want to make a custom live-CD disk. Jim
- Follow-Ups:
- Re: [tlug] SSH tunneling restrictions
- From: Patrick Niessen
- [tlug] Bank on Knoppix . . . . . . . . . . . . . (was Re: SSH tunneling restrictions)
- From: Jim
- Re: [tlug] SSH tunneling restrictions
- References:
- [tlug] SSH tunneling restrictions
- From: Patrick Niessen
- Re: [tlug] SSH tunneling restrictions
- From: Gerald Naughton
- Re: [tlug] SSH tunneling restrictions
- From: Patrick Niessen
- [tlug] SSH tunneling restrictions
- Prev by Date: Re: [tlug] SSH tunneling restrictions
- Next by Date: Re: [tlug] SSH tunneling restrictions
- Previous by thread: Re: [tlug] SSH tunneling restrictions
- Next by thread: Re: [tlug] SSH tunneling restrictions
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |