From owner-freebsd-security Mon Oct 9 9:23:21 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id 6367937B502 for ; Mon, 9 Oct 2000 09:23:19 -0700 (PDT) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id KAA22558; Mon, 9 Oct 2000 10:23:06 -0600 (MDT) Message-Id: <4.3.2.7.2.20001009101945.04999df0@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Mon, 09 Oct 2000 10:22:59 -0600 To: Mike Thompson , freebsd-security@FreeBSD.ORG From: Brett Glass Subject: Re: Encrypted IP tunneling solution In-Reply-To: <4.3.2.7.2.20001008220611.085d2f00@mail.atomz.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 11:56 PM 10/8/2000, Mike Thompson wrote: >BTW, my ultimate goal behind this little application is to get it working >with Windows clients running SSH protocols where it can serve as a very >simple, but secure VPN solution. This would be the real value. It would be VERY useful to tunnel Windows clients with minimal effort. It'd be even nicer if it were stand-alone; that is, if it did not require a separate SSH implementation to be installed on the Windows machine. Many of the users who one wants to tunnel into a LAN remotely do not have shell accounts, and giving them such accounts can compromise security and/or be confusing to them. Using SSH 2 (which doesn't require a shell account for port redirection) would be a good way to do this. --Brett Glass To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message