Kai Schaetzl wrote:
Bowie Bailey wrote on Wed, 26 Mar 2008 09:18:56 -0500:
Use VPN to connect to your network and then ssh through the VPN tunnel to any machines you need to work with. This way only the VPN is exposed to the Internet.
if the machines are within the LAN, yes. My original point was that if you have a static IP address for your local LAN *and* you want to restrict the *remote* machines to be ssh-connectable only from that LAN (which is a good security measure) *and* you are on the road you can still work on your remote machine by VPNing into your LAN. There are other solutions, but VPN is probably the easiest one as most SOHO routers should be able to terminate a VPN and it's likely that you want to connect to your LAN via VPN for other purposes, anyway. Doing that for the machines *within* your LAN is granted.
Ok. I was thinking of a simpler "traveling user needs access to machines on the LAN" scenario. :)