> -----Urspr|ngliche Nachricht----- > Von: David Higgs [mailto:[EMAIL PROTECTED] > Gesendet: Sonntag, 17. Februar 2008 16:54 > An: openbsd misc > Cc: OpenBSD-Misc > Betreff: Re: What is our ultimate goal?? > > On Feb 17, 2008 7:36 AM, openbsd misc > <[EMAIL PROTECTED]> wrote: > > > -----Urspr|ngliche Nachricht----- > > > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > > Im Auftrag von Tony Abernethy > > > Gesendet: Sonntag, 17. Februar 2008 13:20 > > > An: 'Mayuresh Kathe'; 'OpenBSD-Misc' > > > Betreff: Re: What is our ultimate goal?? > > > > > > > > Mayuresh Kathe wrote: > > > > > > > > OpenBSD is an OS with amazing security and stability, > but it has too > > > > few modern features. > > > > > > > Hmmmm .... related? > > > > > > > > > > E.g. wpa[2] is one of the features I miss because I want to > use OpenBSD as > > Firewall / Access Point (SOHO customers)... VPN is not an > option, because > > windowsclients need network at startup. > > If WPA2 is considered secure and widespread, it will likely be added > to OpenBSD at some point. Even more likely if it's been added to a > relatively unmodified portion of NetBSD or FreeBSD. > > Is IPSEC an option for your SOHO customers? > > VPN could be an option, though it's definitely not as simple. OpenVPN > clients are available for both Windows and OS X. You could distribute > binaries and keys via USB drive or a local SSL-enabled webserver. > There's been other discussions on-list about reducing your exposure to > wireless sniffers. > > --david >
Hello, this is not an option to me. My customers don't have administration rights - AFAIK you can't use openvpn without admin rights, the only solution is to run openvpn as service. Therefore I need to configure openvpn to poll all possible locations - I don't think that's the way it should go. My POV is: there are two "standards" (I know that wpa isn't a real standard, but AFAIK wpa2 is) to secure wireless lan. It's the easiest configuration because even an non-administrative user can configure it. I accept that there are better or more secure ways, but I need a handy solution, too. Some customers use the AP for there private PCs, too - I don't want to administer every private device using wireless lan and my customers don't want 20 boxes @home. I'm not a developer so I'm not able to do the task on my own - I asked if I can help with hardware or something like that so the development will start (or go on?) but it looks like none of the developers (currently) needs wpa[1/2] :( Regards Hagen Volpers
