Re: Understanding VPN client options

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2017-11-03 at 10:10 -0700, Rick Stevens wrote:
> > > That explains it. I've implemented openvpn in a subnet-to-subnet
> > > config before from the command-line. Much of this is research for my
> > > father-in-law and his fedora box.
> 
> If the OP's father-in-law is simply trying to stay anonymous and hide
> his IP address while he does his cyberbusiness, a VPN isn't really
> necessary. What he wants is an anonymous proxy.

Yes, I did mention that in my reply.

> There are lots of those
> around. If he wants to encrypt the traffic between his computer and the
> anonymous proxy to shield it from prying eyes, then that's where the VPN
> might come in--provided the anonymous proxy supports VPN access and if
> so, what kind of VPN it offers.
> 
> A VPN is just that...a virtual private network. It simply establishes an
> encrypted data link between endpoints (typically while going across one
> or more public internet hops) to prevent the "bad guys" from snooping
> the data streams. It can be effective, depending on the encryption
> algorithms used, the keys the encryption is based on, etc., etc.
> 
> > > Is the shell script publically available? I'd be very interested in
> > > seeing how they're doing it.
> > 
> > On looking again, it turns out to be a binary executable rather than a
> > Shell script. Sorry for the confusion. However I'm fairly sure I did
> > once manage to use openvpn with the credentials supplied by the
> > provider, so it's not black magic.
> 
> There's nothing magic about OpenVPN.

I meant there isn't anything magical about the specific provider I use,
even though they have a binary-only client, i.e. they are entirely
compatible with OpenVPN, which I think is probably the case for most of
them, to the extent that I'd be suspicious of any public services that
weren't.

> While we don't use it ourselves (we
> use Cisco-based VPNs using ASA devices and clients such as vpnc), I know
> a number of people who have deployed OpenVPN with quite reasonable
> results (in fact, sometimes better results than we get with our
> hardware-based VPN equipment).

That's the end-to-end use case, so of course you are in control of both
ends.

> Using a VPN all depends on how paranoid you are (or rather the OP's
> father-in-law is). They certainly have their uses.

They can also be simpler to set up than proxies, for the non-expert
user, since they are focused on what the general public wants, or
thinks it wants.

poc
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux