Lulz...I don't think you know what you're talking about. 😂😂😂😂
On Fri, Mar 30, 2018, 3:12 PM al so <[email protected]> wrote: > There is a reason most NMS systems used SNMP in the past and REST apis > past 7+ years. They don't use CLIs except toy Expect type scripts.. Not > just security but better error handling and more. > > Good luck learning! > > On Thu, Mar 29, 2018 at 9:03 AM, Tomasz Chmielewski <[email protected]> > wrote: > >> SNMP is mainly used for monitoring, not _server_ automation. >> >> Also, it's inherently insecure for anything else - only SNMPv3 offers any >> kind of encryption, and it's DES - 56 bit only, and you can easily >> brute-force it on an average computer. >> >> >> If you could provide some serious articles about why is CLI insecure, I'd >> be interested to read. >> >> >> Tomasz Chmielewski >> https://lxadm.com >> >> >> >> On 2018-03-30 00:48, al so wrote: >> >>> Just search online why in general that is insecure via CLI vs >>> programmatic for first class automation.. there is a reason why snmp, >>> rest, ... exist. >>> >>> On Thu, Mar 29, 2018 at 3:50 AM, Tomasz Chmielewski <[email protected]> >>> wrote: >>> >>> You've mentioned security issues in your previous email, but now >>>> you're hopping to management issues. >>>> >>>> Have you tried Ansible, Chef or Puppet for automation? It works well >>>> for hundreds of servers, different services and not just one kind of >>>> VPN. >>>> >>>> Tomasz Chmielewski >>>> https://lxadm.com >>>> >>>> On 2018-03-29 16:10, al so wrote: >>>> Programmatic management with first class APIs is preferred for >>>> larger >>>> deployments.. >>>> >>>> On Mon, Mar 26, 2018 at 12:28 PM, Tomasz Chmielewski >>>> <[email protected]> >>>> wrote: >>>> >>>> Could you elaborate on why CLI (SSH) managing is insecure? >>>> >>>> Tomasz Chmielewski >>>> https://lxadm.com >>>> >>>> On 2018-03-27 04:23, al so wrote: >>>> So, for remote manageability of Tinc, we don't have any SNMP or >>>> REST >>>> like programmatic ways? >>>> >>>> If it is going to be CLI only, it is definitely not secure to manage >>>> and also not very convenient to manage programmatically. >>>> >>>> On Sun, Mar 25, 2018 at 1:44 AM, Guus Sliepen <[email protected]> >>>> wrote: >>>> >>>> On Sat, Mar 24, 2018 at 02:16:20PM -0700, al so wrote: >>>> >>>> Is there any quickstart guide to setup site-to-site VPN using >>>> Tinc 1.1 >>>> >>>> pre-rel? >>>> >>> >>> You can find an example of a site-to-site VPN with four sites here: >>> >>> http://tinc-vpn.org/documentation/Example-configuration.html [1] [1] >>> [1] >>> >>> Assuming I have two routers at two sites running tinc vpn along >>>>> >>>> with >>> >>> routing feature. >>>>> >>>> >>> If you only have two sites, then just look at the example >>> configuration >>> for "Branch A" and "Branch B" in the page I linked, and ignore the >>> other >>> two sites. >>> >>> Once I setup manually and validate the connection, I want to >>>>> >>>> automate >>> >>> using REST APIs. >>>>> >>>> >>> Tinc does not expose any REST APIs. With tinc 1.1, you can use the >>> command line tool to automate things though, see: >>> >>> http://tinc-vpn.org/documentation-1.1/Controlling-tinc.html [2] [2] >>> [2] >>> >>> >>> >>> Links: >>> ------ >>> [1] http://tinc-vpn.org/documentation/Example-configuration.html >>> [2] http://tinc-vpn.org/documentation-1.1/Controlling-tinc.html >>> >> > _______________________________________________ > tinc mailing list > [email protected] > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >
_______________________________________________ tinc mailing list [email protected] https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
