Displaying 20 results from an estimated 26 matches for "volkswak".
2018 Mar 29
5
deployment automation
Suppose tinc is installed on 100 routers in 100 sites.
How to automate site-site vpn management across 100 sites?
Some kind of vpn management solution?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20180329/90f0198d/attachment.html>
2018 Apr 03
1
site-site vpn setup..
This part I have to answer on-list:
> On 29 Mar 2018, at 17:50 , al so <volkswak at gmail.com> wrote:
>
> automation refers to day to day vpn management from non-IT layman... not a geek running shell/ansible scrpits.
Dear Also / Volk Swak
TINC have it’s uses and place in the VPN environment.
Perhaps you could/should consider https://pritunl.com/ <https://pritun...
2018 Mar 30
1
Tinc: performance
2018 Mar 30
2
site-site vpn setup..
There is a reason most NMS systems used SNMP in the past and REST apis past
7+ years. They don't use CLIs except toy Expect type scripts.. Not just
security but better error handling and more.
Good luck learning!
On Thu, Mar 29, 2018 at 9:03 AM, Tomasz Chmielewski <mangoo at wpkg.org> wrote:
> SNMP is mainly used for monitoring, not _server_ automation.
>
> Also, it's
2018 Mar 14
1
what is in version Tinc 2.0?
>
>
> What is planned for Tinc 2.0?
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc-devel/attachments/20180314/120783a3/attachment.html>
2018 Mar 14
1
what is in version Tinc 2.0?
>
>
> What is planned for Tinc 2.0?
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc-devel/attachments/20180314/120783a3/attachment.html>
2018 Mar 16
3
SPTPS in 1.1
Is SPTPS protocol enabled in 1.1 by default? Or we need to manually enable
it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20180316/2360e357/attachment.html>
2018 Mar 29
0
deployment automation
2018 Mar 29
0
deployment automation
...for a typical host -connectTo-> mainTincBoxes I use Railtrack
https://github.com/JeevesTakesOver/Railtrack
however it looks to me that your question was more about orchestration,
python fabric or ansible are probably your best options for this task
On Thu, 29 Mar 2018 at 09:40, al so <volkswak at gmail.com> wrote:
> Suppose tinc is installed on 100 routers in 100 sites.
> How to automate site-site vpn management across 100 sites?
> Some kind of vpn management solution?
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
>...
2018 Mar 29
1
Fwd: Tinc: performance
On Wed, Mar 14, 2018 at 12:36 PM, Guus Sliepen <guus at tinc-vpn.org> wrote:
> On Wed, Mar 14, 2018 at 08:42:20AM -0700, al so wrote:
>
> > Is there performance issue with Tinc compared to alternatives?
>
> Performance depends on many variables, it is impossible to say "A is
> nn% faster/slower than alternative B". The best way to check which
> alternative
2018 Mar 29
0
site-site vpn setup..
automation refers to day to day vpn management from non-IT layman... not a
geek running shell/ansible scrpits.
On Thu, Mar 29, 2018 at 8:48 AM, al so <volkswak at gmail.com> wrote:
> Just search online why in general that is insecure via CLI vs programmatic
> for first class automation.. there is a reason why snmp, rest, ... exist.
>
> On Thu, Mar 29, 2018 at 3:50 AM, Tomasz Chmielewski <mangoo at wpkg.org>
> wrote:
>
>>...
2018 Mar 20
1
Tinc deployments in the USA
I meant Tinc site-site VPN deployments in US business segments. Just
references if any.
On Tue, Mar 20, 2018 at 1:44 PM, Guus Sliepen <guus at tinc-vpn.org> wrote:
> On Tue, Mar 20, 2018 at 12:53:55PM -0700, al so wrote:
>
> > Are there any Tinc deployments in the USA in Medium sized businesses and
> > small Enterprises?
>
> Yes. However, VPNs are Virtual *Private*
2018 Mar 29
5
site-site vpn setup..
Just search online why in general that is insecure via CLI vs programmatic
for first class automation.. there is a reason why snmp, rest, ... exist.
On Thu, Mar 29, 2018 at 3:50 AM, Tomasz Chmielewski <mangoo at wpkg.org> wrote:
> You've mentioned security issues in your previous email, but now you're
> hopping to management issues.
>
> Have you tried Ansible, Chef or
2018 Mar 14
0
Fwd: handshake problem
This bad use of RSA was reported back in Sept 2003. Is it fixed the
latest version?
tinc's real problem though is the handshake protocol, in which the client and
server exchange random RSA-encrypted strings. That's raw bit strings, there's
no PKCS #1 or OAEP padding, and the server is happy to act as an oracle for
you too. This is a terrible way to use RSA, and usually compromises
2018 Mar 14
0
Any analysis on Control channel security in Tinc?
>
> Looks like control channel/handshake was not secure as part of previous
> security analysis. Has it been fixed?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc-devel/attachments/20180314/d53fd254/attachment.html>
2018 Mar 14
1
Fwd: Tinc: performance
Please feel free to share your own benchmarks if any in the mean time.
On Wed, Mar 14, 2018 at 12:36 PM, Guus Sliepen <guus at tinc-vpn.org> wrote:
> On Wed, Mar 14, 2018 at 08:42:20AM -0700, al so wrote:
>
> > Is there performance issue with Tinc compared to alternatives?
>
> Performance depends on many variables, it is impossible to say "A is
> nn% faster/slower
2018 Mar 16
0
Tinc deployments in the USA market
Any reference to Tinc deployments in the US geography in small business
environments.
Looking at the Tinc security, looks like some basic security issues were
fixed to some extent 13 years after reporting. Is that a concern. My guess
is Tinc may not have been used in Business critical environments?
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2018 Mar 21
2
SPTPS in 1.1
Are you sure it is enabled by default?
On Fri, Mar 16, 2018 at 4:07 PM, Todd C. Miller <Todd.Miller at sudo.ws> wrote:
> On Fri, 16 Mar 2018 14:37:58 -0700, al so wrote:
>
> > Is SPTPS protocol enabled in 1.1 by default? Or we need to manually
> enable
> > it.
>
> It is enabled by default. You can disable it by setting
> ExperimentalProtocol = no in
2018 Mar 21
1
SPTPS in 1.1
I am surprised this experimental protocol is enabled by default.
On Wed, Mar 21, 2018 at 3:07 PM, Todd C. Miller <Todd.Miller at sudo.ws> wrote:
> On Wed, 21 Mar 2018 14:54:07 -0700, al so wrote:
>
> > Are you sure it is enabled by default?
>
> Yes.
>
> See the description of ExperimentalProtocol in the tinc.conf manual
> for details. If you don't believe
2018 Mar 29
0
1.1 pre-release and production use..
Of course pre-release is not meant for production!
But how comfortable you feel using 1.1 prerelease in production. It also
comes with scary Experimental auth protocol!! How secure one feel to deploy
in production for business use?
Looks like production release of 1.1 is not set.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: