ssh is about as secure as anything gets... just punch a hole through the filewall for that one host and you should be fine. I have boxes in colo on three continents and I don't visit them ever. oob access to serial console and a way to reset them remotely (power switch, pc weasel, ipmi etc) are the key components to doing that other than ssh access. joelja On Wed, 19 May 2004, Edward wrote: > As most of you know, I cannot exactly call myself a noob anymore :( > > However, when it comes to administrating remote PCs I certainly can say > I am. > > I have several servers installed at customer's premises. I used to > simply run out there to fix any slight problems or update mail white > lists etc. > > However, with a few customers more than 1.5 hours drive away, I need to > look at remote administration. Especially for simply adding few users to > a spamassassin white list or the like, which really only are 10 minute jobs. > > So, I was thinking about setting up dyndns or no-ip addresses for these > servers, then opening up the firewall for either ssh or VPN. None of my > customers have a static internet address. > > I've used ssh locally before, and that is really simple to set up, but > because of the open hole I'll be creating my question is really: Should > I be learning about setting up VPN tunnels into their systems instead? > > Anyone have any true experience using both and can shed some light on > the security implications? Also, we're in Western Australia, with > archaic PSTN networks (56K modem - so only 33K upstream), so any > overheads incurred using one over the other I should also consider? > > If the answer is VPN - can anyone give me a link to a tutorial or > something to get me started? I'm by now fairly versed in Linux itself > (Since RH5.2 anyway), have compiled kernels and the like, but VPN is new > to me. > > Regards, > Ed. > > > > -- -------------------------------------------------------------------------- Joel Jaeggli Unix Consulting joelja@xxxxxxxxxxxxxxxxxxxx GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
