7 Jun
2004
7 Jun
'04
2:10 p.m.
Once you open the router to SSH from arbitrary locations on the Internet
i don't think anyone (sane) was suggesting that. but my competitors are encouraged to do so.
It makes more sense to funnel everything through secure gateways and then use SSH as a second level of security to allow staff to connect to the secure gateways from the Internet. Of course these secure gateways are more than just security proxies; they can also contain diagnostic tools, auditing functions, scripting capability, etc.
and all the other things single points of failure need. like pixie dust, chicken entrails, ... randy