Hello, We have not so tech-savvy colleagues in different locations around the world who now use Windows 10 and need access to Linux (Debian 9). Linux will be provided in form of VirtualBox VMs. We, the technical support team, need to have access to the guest VMs (via SSH and occasionally as remote desktop) and to the host (through the guest while VM runs in bridged mode; via Windows 10 built in SSH Server).
What is the best approach to create such an infrastructure in a flexible, secure and efficient way, so that: (A) adding/removing an employee requires minimal effort, (B) adding/removing a tech-support team member requires minimal effort. While we don't have experience with VPNs we assume that it's better to invest in setting up a VPN (with VMs as its nodes) once rather than enable port forwarding on all possible router models in order to get access to the VMs. 1. What open-source VPN software would you recommend for such a case? We are considering [Tinc](https://www.tinc-vpn.org) as it seems to be rather flexible and provides an easy way to add new nodes thus helping us to achieve the above mentioned goal A. 2. If yes, in which mode should we run Tinc - [bridge](https://www.tinc-vpn.org/examples/bridging/) or [proxy ARP](https://www.tinc-vpn.org/examples/proxy-arp/)? 3. How should we manage authentication of the tech support team in order to achieve the goal B? Asymmetric keys? One pair for all or a pair for each member? Maybe passwords? 4. In order to get an easy (to remember) access to the host from the guest via built in SSH Server on all machines we probably need to give all hosts the same IP in the Network bridge mode. Are there other important configuration tricks for host and/or the VM appliance that you can think of? Thank you! _______________________________________________ tinc mailing list [email protected] https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
