|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
OpenVPN:
So far I'm impressed with OpenVPN[ openvpn.net ], which leverages
openssl. It was very easy to setup between two computers.
I have two computers with IP addresses [192.168.1.182] and [192.168.1.155]. Once
OpenVPN is setup, each computer has an additional IP address on the tun0 interface
of [10.8.0.6] and [10.8.0.1]. So, to get encrypted NFS, I put the following in
my "/etc/fstab".
10.8.0.6:/home /home3 nfs rw 0 0
You're not locked in to having everything go through the encrypted channel. I actually did both
an encrypted NFS mount and an unencrypted NFS mount for comparison. Here's the unencrypted NFS
mount, which uses the standard IP address.
192.168.1.182:/home /home2 nfs rw 0 0
Any application can run across the encrypted channel MySQL, HTTP, and the documentation
claims that NAT is not an issue. So, it should work at the local WiFi cafe. Yes, it
runs on Windows too; but, I have not tested Windows.
My purpose for using it? I don't always have a laptop with me. But it's easy enough to
carry a CD that will boot into Linux. So, if I come across a connected computer, I can
boot Linux and get access to all my resources securely. FYI - my Linux is very small, I
can usually bum a CD off of someone and burn it within 3 to 4 minutes. There's a tutorial
here on how to create your own Linux CD here [http://souptonuts.sourceforge.net/cdrom.htm]
Anyway, so far OpenVPN seems like a nice option for NFS and other services, which can
be a pain to SSH port forward [http://souptonuts.sourceforge.net/sshtips.htm], since a
variety of ports can be used with these services.
Regards,
Mike Chirico
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|