search for: lxadm

...security issues in your previous email, but now you're > hopping to management issues. > > Have you tried Ansible, Chef or Puppet for automation? It works well for > hundreds of servers, different services and not just one kind of VPN. > > > Tomasz Chmielewski > https://lxadm.com > > > On 2018-03-29 16:10, al so wrote: > >> Programmatic management with first class APIs is preferred for larger >> deployments.. >> >> On Mon, Mar 26, 2018 at 12:28 PM, Tomasz Chmielewski <mangoo at wpkg.org> >> wrote: >> >> Could y...

...offers any > kind of encryption, and it's DES - 56 bit only, and you can easily > brute-force it on an average computer. > > > If you could provide some serious articles about why is CLI insecure, I'd > be interested to read. > > > Tomasz Chmielewski > https://lxadm.com > > > > On 2018-03-30 00:48, al so wrote: > >> Just search online why in general that is insecure via CLI vs >> programmatic for first class automation.. there is a reason why snmp, >> rest, ... exist. >> >> On Thu, Mar 29, 2018 at 3:50 AM, Tomasz C...

...offers any > kind of encryption, and it's DES - 56 bit only, and you can easily > brute-force it on an average computer. > > > If you could provide some serious articles about why is CLI insecure, I'd > be interested to read. > > > Tomasz Chmielewski > https://lxadm.com > > > > On 2018-03-30 00:48, al so wrote: > >> Just search online why in general that is insecure via CLI vs >> programmatic for first class automation.. there is a reason why snmp, >> rest, ... exist. >> >> On Thu, Mar 29, 2018 at 3:50 AM, Tomasz C...

Programmatic management with first class APIs is preferred for larger deployments.. On Mon, Mar 26, 2018 at 12:28 PM, Tomasz Chmielewski <mangoo at wpkg.org> wrote: > Could you elaborate on why CLI (SSH) managing is insecure? > > > Tomasz Chmielewski > https://lxadm.com > > > On 2018-03-27 04:23, al so wrote: > >> So, for remote manageability of Tinc, we don't have any SNMP or REST >> like programmatic ways? >> >> If it is going to be CLI only, it is definitely not secure to manage >> and also not very convenient t...

...ly insecure for anything else - only SNMPv3 offers any kind of encryption, and it's DES - 56 bit only, and you can easily brute-force it on an average computer. If you could provide some serious articles about why is CLI insecure, I'd be interested to read. Tomasz Chmielewski https://lxadm.com On 2018-03-30 00:48, al so wrote: > Just search online why in general that is insecure via CLI vs > programmatic for first class automation.. there is a reason why snmp, > rest, ... exist. > > On Thu, Mar 29, 2018 at 3:50 AM, Tomasz Chmielewski <mangoo at wpkg.org> >...

...017 after 5000ms milliseconds, giving up. 2017-02-21T03:34:55.754+0000 E QUERY [thread1] Error: couldn't connect to server mongo.example.com:27017, connection attempt failed : connect at src/mongo/shell/mongo.js:231:14 @(connect):1:6 exception: connect failed Tomasz Chmielewski https://lxadm.com

...- not getting "TCP Spurious Retransmission" with tinc 1.1pre14 - not getting "TCP Spurious Retransmission" with tinc 1.0.31 I didn't test versions in between 1.0.26 (one with connectivity issues) and 1.0.31 (one without connectivity issues). Tomasz Chmielewski https://lxadm.com

You've mentioned security issues in your previous email, but now you're hopping to management issues. Have you tried Ansible, Chef or Puppet for automation? It works well for hundreds of servers, different services and not just one kind of VPN. Tomasz Chmielewski https://lxadm.com On 2018-03-29 16:10, al so wrote: > Programmatic management with first class APIs is preferred for larger > deployments.. > > On Mon, Mar 26, 2018 at 12:28 PM, Tomasz Chmielewski <mangoo at wpkg.org> > wrote: > >> Could you elaborate on why CLI (SSH) managing i...

...s email, but now you're >> hopping to management issues. >> >> Have you tried Ansible, Chef or Puppet for automation? It works well for >> hundreds of servers, different services and not just one kind of VPN. >> >> >> Tomasz Chmielewski >> https://lxadm.com >> >> >> On 2018-03-29 16:10, al so wrote: >> >>> Programmatic management with first class APIs is preferred for larger >>> deployments.. >>> >>> On Mon, Mar 26, 2018 at 12:28 PM, Tomasz Chmielewski <mangoo at wpkg.org> >>&...

So, for remote manageability of Tinc, we don't have any SNMP or REST like programmatic ways? If it is going to be CLI only, it is definitely not secure to manage and also not very convenient to manage programmatically. On Sun, Mar 25, 2018 at 1:44 AM, Guus Sliepen <guus at tinc-vpn.org> wrote: > On Sat, Mar 24, 2018 at 02:16:20PM -0700, al so wrote: > > > > Is there

...ot able to fetch any data. Both tinc servers are running Ubuntu 16.04 (64 bit) with tinc 1.0.26. DC1 is Europe (Hetzner); DC2 is in USA (Amazon AWS). What's interesting, I don't have these timeouts when I replace tinc with openvpn. Any help appreciated! Tomasz Chmielewski https://lxadm.com

Hi guys! I'm trying to setup private network inside TOR using "proxy = socks5" variable in tinc.conf, but I found that tinc trying to resolve .onion domain with system resolver first, leaking peer's tor hostname to ISP. So is there any way to disable such behavior and resolve hostname with proxy?

Is there a Ubuntu ppa for tinc? Ubuntu 16.04 LTS has tinc 1.0.26 packaged, which has "network hiccups" / connectivity issues. So I was wondering if Ubuntu ppa with tinc packages exists? Tomasz Chmielewski https://lxadm.com

Could you elaborate on why CLI (SSH) managing is insecure? Tomasz Chmielewski https://lxadm.com On 2018-03-27 04:23, al so wrote: > So, for remote manageability of Tinc, we don't have any SNMP or REST > like programmatic ways? > > If it is going to be CLI only, it is definitely not secure to manage > and also not very convenient to manage programmatically. > >...

Hi Im running tinc 1.1pre17. My problem is that my tinc nodes occasionally crashes. When it crashes the tinc node is not running anymore. Time between failure can be sometimes days or weeks. Do anyone here have a proposal for how to debug and get this problem solved? Best regards, Håvard Rabbe

...ere have a proposal for how to debug and get this problem > solved? I assume it doesn't produce anything in the log? Try strace? Though be aware it will slow down tinc, and produce a lot of output (please redirect the output to a file / choose file logging). Tomasz Chmielewski https://lxadm.com

Hello. I am using tinc for some years now. Since I migrated my OVH VPS from Strassbourg to Limburg with Debian 9 tinc don`t start as Service. Because of the VPS i use systemctl commands, but it uses the init scripts instead I copied the same config. But it doesn`t start as service. If I start tinc with "-n <netname>" from console it all works like it should be. The problem

Hi all, I'm trying to setup tinc on 2 VPSs following this guide: https://www.linode.com/docs/networking/vpn/how-to-set-up-tinc-peer-to-peer-vpn/ They are of the same type with Ubuntu 18.04. On the the first one, I have manually built and installed tinc without an issue (v.1.0.36). On the second one, I've installed tinc from the repo (v.1.0.33), then removed it and then built it and

Suppose tinc is installed on 100 routers in 100 sites. How to automate site-site vpn management across 100 sites? Some kind of vpn management solution? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20180329/90f0198d/attachment.html>

Are there any Tinc deployments in the USA in Medium sized businesses and small Enterprises? Use case is to provide site-to-site VPN functionality. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20180320/1e41904a/attachment.html>