1 |
> > Thanks a lot for everyone's help. Here is a more to-the-point list of |
2 |
> > what I'd like to accomplish: |
3 |
> > |
4 |
> > 1. encrypt CUPS printouts between remote server and local print server |
5 |
> > 2. add an additional layer of security around SSH and CUPS on local |
6 |
> > firewall/print server |
7 |
> > 3. add an additional layer of security around SSH, IMAP, and |
8 |
> > non-standard port HTTPS on remote server |
9 |
> > 4. enable access to SMTP on remote server for me which is blocked by |
10 |
> > my local ISP |
11 |
> > |
12 |
> > It sounds like I have 3 choices: |
13 |
> > |
14 |
> > 1. VPN |
15 |
> > 2. SSH tunneling |
16 |
> > 3. Zebedee tunneling |
17 |
> > |
18 |
> > Would all 3 of these choices accomplish all 4 requirements? I would |
19 |
> > think SSH tunneling can't really add an additional layer around SSH. |
20 |
> |
21 |
> I'd just like to reiterate that most of those don't need any extra |
22 |
> security. SSH and HTTPS are already secure, and IMAP and SMTP can be |
23 |
> accessed over SSL (like HTTPS). These are all secure enough to be |
24 |
> widely used without extra layers of encryption. |
25 |
|
26 |
I'm surprised, but glad to hear this. I was under the impression that |
27 |
opening services like SSH and CUPS to the internet was a bad idea. I |
28 |
guess they're secure enough. That removes #2 and #3 from my 4-part |
29 |
list above. |
30 |
|
31 |
If I can print with CUPS via SSL and submit SMTP mail via alternate |
32 |
port 587, I won't need a VPN or tunnel. |
33 |
|
34 |
Thanks a lot for everyone's help. I'm going to start a new thread for |
35 |
those topics. |
36 |
|
37 |
- Grant |
38 |
-- |
39 |
gentoo-user@l.g.o mailing list |