diff options
| -rw-r--r-- | README | 29 |
1 files changed, 14 insertions, 15 deletions
@@ -1,5 +1,5 @@ -Prepare computer for SSH tunneling -================================== +Rapid Tunneling +=============== Rapid Tunnelling(tm) uses the capabilities of openssh to allow you to support your clients even behind firewalls. @@ -95,18 +95,6 @@ you should run: rapid-tunneling-status -Command Line Usage: Root -~~~~~~~~~~~~~~~~~~~~~~~~ -If you run this as root, it is preffered that you run the above commands -as the dedicated tunneling user, to avoid leftovers. That is: - - su -c 'rapid-tunneling path/to/remote-access-clint.tar.gz' rapid-tunneling - - su -c 'rapid-tunneling-status' rapid-tunneling - - -The '-' in the end is required, to use the home directory of the dedicated -user. - - Server Operation ---------------- rtadm @@ -197,6 +185,17 @@ no-X11-forwarding,no-agent-forwarding,no-pty,permitopen="127.0.0.1:65534",comman A key can also be used to flood the server's disk, which means that the support user's quota should be limited. -THe client then sends the connection information over the already +The client then sends the connection information over the already established connection. + +Alternatively, if an attacker manages to send her own key (pointing to +her own RapidTunneling server) to the user, while pretending that this +key comes from a trusted support contact, the attacker will gain access +to the user's system. Thus the user should be careful about the key he gets. + + +Ideally this system should be simple to set up (assuming you have an SSH +server with a public IP address) and thus would be a handy and more secure +replacement to sending a password in the clear, or installing some Big +Binary Blob. |