[kwlug-disc] firewall question

L.D. Paniak ldpaniak at fourpisolutions.com
Tue Feb 17 19:19:33 EST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



unsolicited wrote:

> e.g. Suppose you set up VPN for a laptop user. And the laptop gets
> stolen. The issues around the technology become much bigger than the
> technology itself.
> 
>

In OpenVPN, if someone steals a laptop, you just revoke the
corresponding key (for key-based access) and restart the daemon
(http://openvpn.net/index.php/documentation/howto.html#quick )

Since each user has their own key, you can selectively 'turn off' access
without disrupting the whole system. Just make sure your user lets you
know the laptop is missing in a timely manner!

OpenVPN is easy to install: It is packaged for any reasonable distro and
there is a customizable Windows system for producing installers that any
MS user would be comfortable with.

I'm sure you will find plenty of automation goodness to talk about when
you give your OpenVPN talk :)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFJm1QV8h2PnOHbiQcRAg9qAJ0UKjvmpk6De2iC+R1GOURscuO+HgCaA/wj
k8PKLnJhrhlD1IipczVbbQI=
=qsHM
-----END PGP SIGNATURE-----



More information about the kwlug-disc_kwlug.org mailing list