Kai Schaetzl wrote: > Bowie Bailey wrote on Wed, 26 Mar 2008 09:18:56 -0500: > > > Use VPN to connect to your network and then ssh through the VPN > > tunnel to any machines you need to work with. This way only the > > VPN is exposed to the Internet. > > if the machines are within the LAN, yes. My original point was that > if you have a static IP address for your local LAN *and* you want to > restrict the *remote* machines to be ssh-connectable only from that > LAN (which is a good security measure) *and* you are on the road you > can still work on your remote machine by VPNing into your LAN. There > are other solutions, but VPN is probably the easiest one as most SOHO > routers should be able to terminate a VPN and it's likely that you > want to connect to your LAN via VPN for other purposes, anyway. Doing > that for the machines *within* your LAN is granted. Ok. I was thinking of a simpler "traveling user needs access to machines on the LAN" scenario. :) -- Bowie