Re: [Server-devel] VPN server for our project
On Wed, 2008-07-02 at 15:40 +0200, [EMAIL PROTECTED] wrote: My question: has anyone experimented the fonction of a VPN network involving remote XS servers ? I use openvpn, works well over nat! (pptp does not) - need admin skills to configure - give acces to no (very) public wiki/moodle - allows reverse ssh access to update/moi machines - ssl key controlled - allows to to follow where XO's are (more or less a anti-theft mechanism) yum install openvpn . pptp: - only 1 per outgoing NAT - gre must enable din Natting router ipsec: - harder to config - roaming user setup diffult to setup cheers Marten ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel -- Marten Vijn linux 2.0.18 OpenBSD 3.6 FreeBSD 4.6 http://martenvijn.nl http://opencommunitycamp.org http://wifisoft.org ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] VPN server for our project
On Wed, 2008-07-02 at 16:16 +0200, Marten Vijn wrote: On Wed, 2008-07-02 at 15:40 +0200, [EMAIL PROTECTED] wrote: My question: has anyone experimented the fonction of a VPN network involving remote XS servers ? I use openvpn, works well over nat! (pptp does not) and ssh can do also wonderfull tricks!! check 'man ssh' for -R and -L Marten -- Marten Vijn linux 2.0.18 OpenBSD 3.6 FreeBSD 4.6 http://martenvijn.nl http://opencommunitycamp.org http://wifisoft.org ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] VPN server for our project
Selon Marten Vijn [EMAIL PROTECTED]: On Wed, 2008-07-02 at 16:16 +0200, Marten Vijn wrote: On Wed, 2008-07-02 at 15:40 +0200, [EMAIL PROTECTED] wrote: My question: has anyone experimented the fonction of a VPN network involving remote XS servers ? I use openvpn, works well over nat! (pptp does not) and ssh can do also wonderfull tricks!! check 'man ssh' for -R and -L Thanks for the tips Samy Marten -- Marten Vijn linux 2.0.18 OpenBSD 3.6 FreeBSD 4.6 http://martenvijn.nl http://opencommunitycamp.org http://wifisoft.org ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] VPN server for our project
Hi, OLPC France is plannig a project Windrose (http://wiki.laptop.org/go/Projects/WindroseOLPC ) consisting for the schools among the world participating in the project to share and publish their contents (text, images, videos, etc.) in a semi-private BLOG (likely EduBlogger). My question: has anyone experimented the fonction of a VPN network involving remote XS servers ? Our concern is to protect the privacy of the kids, allowing private areas and public areas and making the login process easier for the kids/teachers. The communication/authentification to the VNP server will possibly be organised via a local XS server. Thank you for your comments Best regards Samy ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] VPN server for our project
Hi, OLPC France is plannig a project Windrose (http://wiki.laptop.org/go/Projects/WindroseOLPC ) consisting for the schools among the world participating in the project to share and publish their contents (text, images, videos, etc.) in a semi-private BLOG (likely EduBlogger). My question: has anyone experimented the fonction of a VPN network involving remote XS servers ? Our concern is to protect the privacy of the kids, allowing private areas and public areas and making the login process easier for the kids/teachers. The communication/authentification to the VNP server will possibly be organised via a local XS server. Thank you for your comments Best regards Samy ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] VPN server for our project
I've tested PPTP and OpenVPN on XO. Works fine. The PPP MPPE module is already present (drivers/net/ppp_mppe.ko). Using a VPN adds overhead to the network communication. Isn't as secure as you might think. I'm the release engineer for PPTP on Linux, and C. Scott Ananian in OLPC is the author. I've not tried it on XS. PPTP project did some load calculations a year or two ago, and found that a 500Mhz 64Mb server could handle several hundred users so long as they did not try to do something all at the same time. It would be practical to test on XS, but it is a zero sum game, you'd lose capacity. In my opinion, avoid creating a false sense of security ... the kids should be taught personal information privacy very early, and the best way to do that is for them to make small mistakes and learn from them. France. Are you sure you can use strong cryptographic encryption? I seem to remember some hindrance at law. I haven't kept up to date with that. -- James Cameronmailto:[EMAIL PROTECTED] http://quozl.netrek.org/ ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] VPN server for our project
On Sun, Jun 22, 2008 at 9:49 PM, [EMAIL PROTECTED] wrote: My question: has anyone experimented the fonction of a VPN network involving remote XS servers ? The hw will have no problem with running VPNs but many XS will be on networks links that are very constrained and don't play well with VPNs (such as satellite links). cheers, m -- [EMAIL PROTECTED] [EMAIL PROTECTED] -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] VPN server for our project
Selon James Cameron [EMAIL PROTECTED]: I've tested PPTP and OpenVPN on XO. Works fine. The PPP MPPE module is already present (drivers/net/ppp_mppe.ko). Using a VPN adds overhead to the network communication. Isn't as secure as you might think. Yes, we should find out the right balance between opposite concerns. I'm the release engineer for PPTP on Linux, and C. Scott Ananian in OLPC is the author. I've not tried it on XS. PPTP project did some load calculations a year or two ago, and found that a 500Mhz 64Mb server could handle several hundred users so long as they did not try to do something all at the same time. It would be practical to test on XS, but it is a zero sum game, you'd lose capacity. ok In my opinion, avoid creating a false sense of security ... the kids should be taught personal information privacy very early, and the best way to do that is for them to make small mistakes and learn from them. I imagine, that the kids will be monitored by their teachers, who will eventually direct the reporting and publishing activities so that they are acceptable depending of the privacy policy of the schools. France. Are you sure you can use strong cryptographic encryption? I seem to remember some hindrance at law. I haven't kept up to date with that. The length of the encryption keys may be limited. Not sure how long. Another dimension is that the VPN server, if any, can be hosted here in France or in another country where our future partners are be located. Thank you for your usefull comments Bests Samy -- James Cameronmailto:[EMAIL PROTECTED] http://quozl.netrek.org/ ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel