View Single Post
  #5   (View Single Post)  
Old 5th May 2008
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Default

Quote:
Originally Posted by fjwcash View Post
passwordless private keys...
  1. I use passworded private keys, not passwordless;
  2. I use this for road warrior client-to-gateway vpn, not site to site; and
  3. Nothing stopping you your uses, though.
The challenge may be scaling, as you need a tun[0,...,n] interface for each concurrent connection on the gateway machine. This isn't a problem for my use, as three concurrent sessions is the upper need limit.

The feature of ssh -w (for me) is that,
  1. the needed wares are already on every box I operate, therefore, nothing extra to install or maintain;
  2. I use ssh already;
  3. configuring the vpn tunnel is a whole heck of a lot easier then ipsec; and
  4. so far, I can easily pass through tight firewalls and nat setups that are not under my control.

/S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.

Last edited by s2scott; 5th May 2008 at 04:58 PM.
Reply With Quote