Re: [Devil-Linux-discuss] vpn gateway with dl

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, April 4, 2006 08:37, darkwing d wrote:
> Hello all!
>
>
> We are searching for a reliable and secure solution to implement a vpn
> solution for our company. I came across with devil-linux and i'm
> enthusiastic so far. ... and here comes my question:
>
>
> We want to use OpenVPN with X509 certificate authentication.
> System + etc should reside on the cd image.
> Does it make sense (or is it even possible) to store the client certs on a
>  hd ( we would prefer a cf card), to get the possibility to add/revoke
> client certs without being forced to build a new cd image. Maybe this is
> violating the fundamental idea of dl?
>
> is there a better solution? any suggestions would be helpful. thanks in
> advance!

DL supports harddisks for purposes like this, check our docs.

But you're free to do whatever you want, mounting a separate CF card/USB
stick would also be OK.

What you also could do is keep it in the ramdisk and 'mirror' (wget or
lftp) the certs from an internal web/ftp server. Update the file on boot
and i.e. every hour.
This would safe you the mounting and umounting of the media.

- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iEYEARECAAYFAkQyp1UACgkQUcytMSbs+YUPvwCfZKn4Y9kIX39b+yu/Pspbxehe
SOsAn1okGja555r8rxDTIkB6VnpiTr37
=zbFx
-----END PGP SIGNATURE-----