Koozali.org: home of the SME Server
Obsolete Releases => SME 7.x Contribs => Topic started by: groyk on July 27, 2008, 07:08:29 PM
-
Hi
I have made a little WinXP program that could access network drives through SSH.
But after that, Cactus has given his opinion that using SSH for this purpose may be a security problem for the SME server.
Therefore I have rewritten this small piece of software to use VPN instead. (witch is easier to configure for the end user ass well.)
The small software maps HomeDir and shares from the logon.bat file on the server.
Further it's opens the VPN connection if necessary
(http://www.groyk.dk/Netlogon.jpg)
The Beta version of the program can be downloaded here
http://www.groyk.dk/Netlogon.zip (http://www.groyk.dk/Netlogon.zip)
Update - The pass encryption is different on every computer the program is installed.
Remark: THIS PROGRAM NEEDS .NET FRAMEWORK 2.0 TO WORK PROPERLY.
-
I don't know what Cactus told you, but SSH is a much safer way of communicating than VPN is.
VPN is a way to encrypt information in IP Layer, while SSH encrypts the application layer. This is specially true when the VPN in question is PPTP (very poor).
SSH encrypts everything, including your login/pass.
SSH allows you to use keys to authenticate, this is as secure as you can get, since both sides have to be trusted.
Anyhow, thank you for this app!
-
I don't know what Cactus told you
http://forums.contribs.org/index.php?topic=41634.msg194510#msg194510
-
I have made a little WinXP program that could access network drives through SSH.
I still wonder what is the added value of your application(s) while making a VPN connection on SME Server is simple as this: http://wiki.contribs.org/SME_Server:Documentation:User_Manual:Chapter1#VPN_Access
Where is the documentation for you program, it seems not to be in the package. What are the values in the ini file? WHy does the ini file not have a layout with sections and key-pairs like normal ini files do? What happens when the ini file gets compromised, the passwords are encrypted but I guess this is not a one way encryption protocol or is it?
-
Hi Cactus
I've wrote this program because, some of my employees had problems opening the connection to the server and map all relevant shares.
Further a lot of people think it is annoying that they have to use 2 or more steps connecting to the server. Before I wrote this tiny program my employees connected like this.
1. Connect to the server through VPN (shortcut at the desktop)
2. Mapped home dir manually (entered username and password again)
3. Opened home dir and run logon.bat from the home dir.
This solution works just fine.
But now they can just fire the shortcut on the desktop and they are connected to the VPN and all the shares.
Remember: I am not telling you to use this program! I am just giving everybody the opportunity to do what I do.
Here is information about the user.ini file
1. username
2. password (encrypted off course the encryption is both ways. if it was one way i can't use it in the program - I think 8-))
3. servername
4. homedir
5. connect at startup (true or false)
At the moment there is NO documentation for the program.
If you think there is some places the program needs improvement's I wold like to hear from you.
-
why did you write it in .net VB or C++ would have been better as i know if you install .net version 3 some programs that need .net 2 will stop working C++ would have been nice as it would be portiable and you could compile it to run on a linux desktop as well like mandriva or centos or ubuntu to work with say linux poptop there is not really anything thing like that for linux openvpn is a bit of a pain and the GUI really suck the onlt thing close to alright is the one that comes with mandriva linux
-
Hi Zatnktel
Thank you for your reply.
The reason why I wrote this program in VB.net is that is what I know! :sad: