Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] vnc

Hash: SHA1

We have been doing VPN to our servers at work since we were acquired. We
are not using encryption because we are already on a restricted network.
However, I do set up a /etc/sysconfig/vncservers file and each person on
our team has their own display number for VNC. I also tested vnc against
xming, and I found that VNC tended to have better performance.

On 08/24/2014 01:09 PM, Richard Pieri wrote:
> On 8/24/2014 12:22 PM, markw at wrote:
>> I would opt to use openvpn instead of an SSH tunnel. You have a better
>> control over security and "ease."
> Meh. Shell access is an on/off toggle. Changing how you flip this toggle
> doesn't offer better or worse security, nor does it make anything
> intrinsically easier or more difficult. One can just as easily manage
> access with PAM and LDAP groups.
> I think of it this way: If users need access to everything on an
> isolated network then a VPN usually is the better choice. Otherwise SSH
> is the better choice. Right tool for the job and all that.
> That said, I'd avoid using OpenVPN. I don't like X.509. I want X.509 to
> die in a fire. I want it to die painfully and permanently and never
> bother anyone ever again. For Linux to Linux I'd use Layer 3 tunneling
> over SSH using sshuttle to handle the heavy lifting.

- -- 
Jerry Feldman <gaf at>
Boston Linux and Unix
PGP key id:3BC1EB90
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66  C0AF 7CEA 30FC 3BC1 EB90
Version: GnuPG v1


BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /