[Discuss] vnc

[gaf at blu.org (Jerry Feldman)]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We have been doing VPN to our servers at work since we were acquired. We
are not using encryption because we are already on a restricted network.
However, I do set up a /etc/sysconfig/vncservers file and each person on
our team has their own display number for VNC. I also tested vnc against
xming, and I found that VNC tended to have better performance.

On 08/24/2014 01:09 PM, Richard Pieri wrote:
> On 8/24/2014 12:22 PM, markw at mohawksoft.com wrote:
>> I would opt to use openvpn instead of an SSH tunnel. You have a better
>> control over security and "ease."
>
> Meh. Shell access is an on/off toggle. Changing how you flip this toggle
> doesn't offer better or worse security, nor does it make anything
> intrinsically easier or more difficult. One can just as easily manage
> access with PAM and LDAP groups.
>
> I think of it this way: If users need access to everything on an
> isolated network then a VPN usually is the better choice. Otherwise SSH
> is the better choice. Right tool for the job and all that.
>
> That said, I'd avoid using OpenVPN. I don't like X.509. I want X.509 to
> die in a fire. I want it to die painfully and permanently and never
> bother anyone ever again. For Linux to Linux I'd use Layer 3 tunneling
> over SSH using sshuttle to handle the heavy lifting.
>

- -- 
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66  C0AF 7CEA 30FC 3BC1 EB90
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEVAwUBU/pEBHzqMPw7weuQAQKcKAf/alh0KWoIUnfXD+maoBeIfyLnFQYNvSkz
KDKfu7WsySv/OmtMp2aohGY6rnOG72qDrhfGZY+EkGN8QNZ9dmq/XJ+bpi8fgUqy
W9DALmYSqCEpbkqlssbh/ycG4du52ISddY1fuw4gzqN6QYR1+aZE9yWUHZk5lmYY
pYahjGJpgTI5JaGnLj9UKuisRW0LKVw9iDzSVyKwqPvS8rshoGgJdRU9KXuzCl5y
gKP0HhsA+mduF7vDncI2n0AtQLs96R+AG0afS59SLrAwj8ARfz9yMmkjSw5tYSfO
WhotboNJuGO1koA3la1v3/AXiClR6gJfdAgMr+Fx/aECQ9+mYEqGXg==
=f6zX
-----END PGP SIGNATURE-----