[Nottingham] SSH, port-forward and X-forwarding magic

[Martin]

On 10/05/18 12:04, J via Nottingham wrote:
>     Then again, myself... I try to keep clear of VPNs/tunnelling silliness
>     (dangerous laziness) to instead use native (secure) protocols... ;-)
> 
> Well, SSH is natively secure. :-)

Do not underestimate the false sense of security of a VPN/tunnel...


Are your endpoints themselves secure and trustworthy?

Do your local machines (lazily) assume the internal LAN to be secure and
trusted?

Is your internal LAN still really secure and trusted with a VPN
tunnelling through your firewall from the unclean bad outside?

Are your systems still secure when they assume all their connections are
"local only" and yet you now have a remote connection from "somewhere
else"...

... As demonstrated by the giggle of remote workers working for two
different corporates/call-centres, and using two VPNs that then
inadvertently connect the internal networks of those two remote entities
together for much hilarity...


> This is the only way I can access certain resources.

That's the usual lame lazy excuse of the Proprietary world and the old
game of lock-in...


Good luck!

Cheers,
Martin


NB: Lazy is inversely proportional to configuration time/maintenance :-(