1 |
> |
2 |
> > I would |
3 |
> > need to be able to rsync to the laptop and I'd rather not be involved |
4 |
> > in the remote employee's router config. Is there an easier solution |
5 |
> > for that than OpenVPN? |
6 |
> |
7 |
> There is ZeroTier as a replacement for OpenVPN, and Syncthing for |
8 |
> syncing. Both are P2P solutions and you can run your own discovery |
9 |
> servers if you don't want any traffic going through a 3rd party (although |
10 |
> they don't send data through the servers). |
11 |
> |
12 |
> I've no idea whether that would meet your security criteria but it |
13 |
> certainly fulfils the "easier than OpenVPN" one. It will take only a few |
14 |
> minutes to install and setup using the public servers, although, as I |
15 |
> said, your network is never public, so you can check whether they do what |
16 |
> you want. Then you can look at hosting your own server for security. |
17 |
> |
18 |
> https://www.zerotier.com/ |
19 |
> https://syncthing.net/ |
20 |
|
21 |
|
22 |
|
23 |
Zerotier looks especially interesting. Can I have machine A listen for |
24 |
Zerotier connections, have machine B connect to machine A via Zerotier, |
25 |
have machine C connect to machine A via Zerotier, and rsync push from B to |
26 |
C? |
27 |
|
28 |
Does connecting two machines via Zerotier involve any security |
29 |
considerations besides those involved when connecting those machines to the |
30 |
internet? In other words, is it a simple network connection or are other |
31 |
privelages involved with that connection? |
32 |
|
33 |
Can I somehow require the Zerotier connection between machines A and C in |
34 |
order for C to pass HTTP basic authentication on my web server which |
35 |
resides elsewhere? Maybe I can route all traffic from machine C to my web |
36 |
server through C's Zerotier connection to A and lock down basic |
37 |
authentication on my web server to machine A? |
38 |
|
39 |
- Grant |