| 1 |
On 01/15/2016 09:18 PM, wabenbau@×××××.com wrote: |
| 2 |
> Grant <emailgrant@×××××.com> wrote: |
| 3 |
> |
| 4 |
>> I'm considering allowing some employees to work from home but I'm |
| 5 |
>> concerned about the security implications. Currently everybody shows |
| 6 |
>> up and logs into their locked down Gentoo system and from there is |
| 7 |
>> able to access the company webapps which are restricted to the office |
| 8 |
>> IP address. I guess I would have to allow webapp access from any IP |
| 9 |
>> for those users and trust that their computer is secure? Should that |
| 10 |
>> not be scary? |
| 11 |
>> |
| 12 |
>> - Grant |
| 13 |
> |
| 14 |
> I would use OpenVPN for that. If you don't trust their systems, you |
| 15 |
> could provide a Live-System media for them if that is possible. |
| 16 |
> |
| 17 |
> -- |
| 18 |
> Regards |
| 19 |
> wabe |
| 20 |
> |
| 21 |
> |
| 22 |
|
| 23 |
I would use VPN + an X server that can spawn sessions on demand. This |
| 24 |
way it all stays internal on the work network. |
| 25 |
|
| 26 |
I do something similar at work for our Windows clients, it was simple to |
| 27 |
set up there. |
| 28 |
|
| 29 |
I've set up my home server to act as a Windows-type terminal server |
| 30 |
using X and tigervnc. It actually works well, but I never got into |
| 31 |
multiuser and dealing with logon scripts and the like (you may or may |
| 32 |
not need this to deal with user documents and the like.) |
| 33 |
|
| 34 |
Dan |
Archives