Just search online why in general that is insecure via CLI vs programmatic for first class automation.. there is a reason why snmp, rest, ... exist.
On Thu, Mar 29, 2018 at 3:50 AM, Tomasz Chmielewski <[email protected]> wrote: > You've mentioned security issues in your previous email, but now you're > hopping to management issues. > > Have you tried Ansible, Chef or Puppet for automation? It works well for > hundreds of servers, different services and not just one kind of VPN. > > > Tomasz Chmielewski > https://lxadm.com > > > On 2018-03-29 16:10, al so wrote: > >> Programmatic management with first class APIs is preferred for larger >> deployments.. >> >> On Mon, Mar 26, 2018 at 12:28 PM, Tomasz Chmielewski <[email protected]> >> wrote: >> >> Could you elaborate on why CLI (SSH) managing is insecure? >>> >>> Tomasz Chmielewski >>> https://lxadm.com >>> >>> On 2018-03-27 04:23, al so wrote: >>> So, for remote manageability of Tinc, we don't have any SNMP or >>> REST >>> like programmatic ways? >>> >>> If it is going to be CLI only, it is definitely not secure to manage >>> and also not very convenient to manage programmatically. >>> >>> On Sun, Mar 25, 2018 at 1:44 AM, Guus Sliepen <[email protected]> >>> wrote: >>> >>> On Sat, Mar 24, 2018 at 02:16:20PM -0700, al so wrote: >>> >>> Is there any quickstart guide to setup site-to-site VPN using >>> >> Tinc 1.1 >> >> pre-rel? >>>> >>> >> You can find an example of a site-to-site VPN with four sites here: >> >> http://tinc-vpn.org/documentation/Example-configuration.html [1] [1] >> >> Assuming I have two routers at two sites running tinc vpn along >>>> >>> with >> >> routing feature. >>>> >>> >> If you only have two sites, then just look at the example >> configuration >> for "Branch A" and "Branch B" in the page I linked, and ignore the >> other >> two sites. >> >> Once I setup manually and validate the connection, I want to >>>> >>> automate >> >> using REST APIs. >>>> >>> >> Tinc does not expose any REST APIs. With tinc 1.1, you can use the >> command line tool to automate things though, see: >> >> http://tinc-vpn.org/documentation-1.1/Controlling-tinc.html [2] [2] >> >
_______________________________________________ tinc mailing list [email protected] https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
