All of lore.kernel.org
 help / color / mirror / Atom feed
* [LARTC] Proposal for reasonably secure GRE tunneling
@ 2002-01-25 12:23 Greg Scott
  2002-01-26  0:16 ` Daniel Wittenberg
  2002-01-26  1:53 ` Greg Scott
  0 siblings, 2 replies; 3+ messages in thread
From: Greg Scott @ 2002-01-25 12:23 UTC (permalink / raw)
  To: lartc

After tossing and turning half the night, this idea came into my head:

It's really neat that we can set up GRE tunnels between Linux servers.
Way cool, and thanks!  But lack of any kind of security is a problem.

What if we had a simple way to secure those GRE packets, or at least
some means for the two VPN servers to authenticate each other?  

So this idea popped into my head that seems straightforward to implement.
What if the system admin created accounts in both VPN servers, call them
lanagre and lanbgre.  It would be up to the system admin to put in strong
passwords in those accounts.  Both sides would each have both accounts,
and it would be up to the system admins on both sides to make sure the
passwords matched.

So then, when LAN A wants to connect to LAN B, the LAN A VPN server 
would look up LAN B's password in LAN A's /etc/shadow file, put together
a key based on that hash, and then use that key to encrypt traffic going
across.  Similarly for LAN B.  Since both sides have both accounts, nobody
needs to send passwords across the Internet.

If we had this in place, then Linux could do everything that Microsoft PPTP
does, but Linux wouldn't make the same implementation mistakes
Microsoft made.  

How tough would this be to do?  Does the idea make sense?

- Greg Scott
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [LARTC] Proposal for reasonably secure GRE tunneling
  2002-01-25 12:23 [LARTC] Proposal for reasonably secure GRE tunneling Greg Scott
@ 2002-01-26  0:16 ` Daniel Wittenberg
  2002-01-26  1:53 ` Greg Scott
  1 sibling, 0 replies; 3+ messages in thread
From: Daniel Wittenberg @ 2002-01-26  0:16 UTC (permalink / raw)
  To: lartc

Why not use encryption keys instead?  Because if you substitute crypto
key for password, then you have an IPSec tunnel. Besides, MS is moving
away from PPTP.  Take a look at 2k and XP, they have IPSec tunneling, so
that seems to be the right direction to go.

Dan

On Fri, 2002-01-25 at 06:23, Greg Scott wrote:

> After tossing and turning half the night, this idea came into my head:
> 
> It's really neat that we can set up GRE tunnels between Linux servers.
> Way cool, and thanks!  But lack of any kind of security is a problem.
> 
> What if we had a simple way to secure those GRE packets, or at least
> some means for the two VPN servers to authenticate each other?  
> 
> So this idea popped into my head that seems straightforward to implement.
> What if the system admin created accounts in both VPN servers, call them
> lanagre and lanbgre.  It would be up to the system admin to put in strong
> passwords in those accounts.  Both sides would each have both accounts,
> and it would be up to the system admins on both sides to make sure the
> passwords matched.
> 
> So then, when LAN A wants to connect to LAN B, the LAN A VPN server 
> would look up LAN B's password in LAN A's /etc/shadow file, put together
> a key based on that hash, and then use that key to encrypt traffic going
> across.  Similarly for LAN B.  Since both sides have both accounts, nobody
> needs to send passwords across the Internet.
> 
> If we had this in place, then Linux could do everything that Microsoft PPTP
> does, but Linux wouldn't make the same implementation mistakes
> Microsoft made.  
> 
> How tough would this be to do?  Does the idea make sense?
> 
> - Greg Scott
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

^ permalink raw reply	[flat|nested] 3+ messages in thread
* RE: [LARTC] Proposal for reasonably secure GRE tunneling
  2002-01-25 12:23 [LARTC] Proposal for reasonably secure GRE tunneling Greg Scott
  2002-01-26  0:16 ` Daniel Wittenberg
@ 2002-01-26  1:53 ` Greg Scott
  1 sibling, 0 replies; 3+ messages in thread
From: Greg Scott @ 2002-01-26  1:53 UTC (permalink / raw)
  To: lartc

That would work, and I think I could set up IPSEC with Free S/WAN,
but PPTP is just so much simpler.  And those 9x/ME PCs will be out
there for a long time to come.

- Greg



-----Original Message-----
From: Daniel Wittenberg [mailto:daniel-wittenberg@starken.com]
Sent: Friday, January 25, 2002 6:17 PM
To: Greg Scott
Cc: LARTC
Subject: Re: [LARTC] Proposal for reasonably secure GRE tunneling


Why not use encryption keys instead?  Because if you substitute crypto
key for password, then you have an IPSec tunnel. Besides, MS is moving
away from PPTP.  Take a look at 2k and XP, they have IPSec tunneling, so
that seems to be the right direction to go.

Dan

On Fri, 2002-01-25 at 06:23, Greg Scott wrote:

> After tossing and turning half the night, this idea came into my head:
> 
> It's really neat that we can set up GRE tunnels between Linux servers.
> Way cool, and thanks!  But lack of any kind of security is a problem.
> 
> What if we had a simple way to secure those GRE packets, or at least
> some means for the two VPN servers to authenticate each other?  
> 
> So this idea popped into my head that seems straightforward to implement.
> What if the system admin created accounts in both VPN servers, call them
> lanagre and lanbgre.  It would be up to the system admin to put in strong
> passwords in those accounts.  Both sides would each have both accounts,
> and it would be up to the system admins on both sides to make sure the
> passwords matched.
> 
> So then, when LAN A wants to connect to LAN B, the LAN A VPN server 
> would look up LAN B's password in LAN A's /etc/shadow file, put together
> a key based on that hash, and then use that key to encrypt traffic going
> across.  Similarly for LAN B.  Since both sides have both accounts, nobody
> needs to send passwords across the Internet.
> 
> If we had this in place, then Linux could do everything that Microsoft
PPTP
> does, but Linux wouldn't make the same implementation mistakes
> Microsoft made.  
> 
> How tough would this be to do?  Does the idea make sense?
> 
> - Greg Scott
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2002-01-26  1:53 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-01-25 12:23 [LARTC] Proposal for reasonably secure GRE tunneling Greg Scott
2002-01-26  0:16 ` Daniel Wittenberg
2002-01-26  1:53 ` Greg Scott

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.