From owner-freebsd-security@FreeBSD.ORG Thu Mar 10 19:13:12 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B458106566C for ; Thu, 10 Mar 2011 19:13:12 +0000 (UTC) (envelope-from mbox@miguel.ramos.name) Received: from smtpauth.rollernet.us (smtpauth.rollernet.us [IPv6:2607:fe70:0:3::d]) by mx1.freebsd.org (Postfix) with ESMTP id 608D58FC1A for ; Thu, 10 Mar 2011 19:13:12 +0000 (UTC) Received: from smtpauth.rollernet.us (localhost [127.0.0.1]) by smtpauth.rollernet.us (Postfix) with ESMTP id F29F859400E; Thu, 10 Mar 2011 11:12:59 -0800 (PST) Received: from w500.local (a83-132-6-167.cpe.netcabo.pt [83.132.6.167]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: @miguel.ramos.name) by smtpauth.rollernet.us (Postfix) with ESMTPSA; Thu, 10 Mar 2011 11:12:59 -0800 (PST) Received: from w500.local (w500.local [127.0.0.1]) by w500.local (8.14.4/8.14.4) with ESMTP id p2AJCiu5019031; Thu, 10 Mar 2011 19:12:44 GMT Received: (from miguel@localhost) by w500.local (8.14.4/8.14.4/Submit) id p2AJCfYD019023; Thu, 10 Mar 2011 19:12:41 GMT X-Authentication-Warning: w500.local: miguel set sender to mbox@miguel.ramos.name using -f From: Miguel Lopes Santos Ramos To: Remko Lodder In-Reply-To: <2E5C0CE8-4F70-4A4D-A91D-3274FD394C80@elvandar.org> References: <1299682310.17149.24.camel@w500.local> <1299769253.20266.23.camel@w500.local> <2E5C0CE8-4F70-4A4D-A91D-3274FD394C80@elvandar.org> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Date: Thu, 10 Mar 2011 19:12:41 +0000 Message-ID: <1299784361.18199.4.camel@w500.local> Mime-Version: 1.0 X-Mailer: Evolution 2.32.2 X-Rollernet-Abuse: Processed by Roller Network Mail Services. Contact abuse@rollernet.us to report violations. Abuse policy: http://rollernet.us/abuse.php X-Rollernet-Submit: Submit ID 7367.4d7922bb.ed50.0 Cc: "J. Hellenthal" , FreeBSD Security Subject: Re: It's not possible to allow non-OPIE logins only from trusted networks X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Mar 2011 19:13:12 -0000 Qui, 2011-03-10 =C3=A0s 19:20 +0100, Remko Lodder escreveu: > > Yes, that's right. That would solve a whole lot of other problems too. > > It's true that I'm using SSH in many cases just as an easy to administe= r > > VPN. I've been postponing that for years. But I would need something > > that worked with FreeBSD and Gentoo (don't want to learn two tools) and > > for any client. >=20 >=20 >=20 > so with the pfsense project we have this thing integrated that is called = OpenVPN. > Hell, I use it between multiple FreeBSD boxes to create a 'secure' (quote= s because > it's as secure as possible in this world :)) network between them. I push= ed it to my > parents who are (sigh) using Windows, I use it from my Mac (Viscosity) an= d hell > it even works on Linux/Gentoo.. >=20 > And it's all.. free :-) >=20 > Cheers > Remko Thanks. I'll probably be looking into that sooner or latter. However, OPIE, nobody cares about OPIE? --=20 Miguel Ramos PGP A006A14C