Security of OpenSSH versus PCAnywhere; GoToMyPC
- From: The_nth_Traveler <no.rjlpub.spam@xxxxxxxxx>
- Date: Mon, 27 Feb 2006 05:10:36 GMT
Folks,
I am going to have the need to remotely manage my home PC over the
internet soon.
The only time I have done something like this has been with either
PCAnywhere or VNC (I prefer UltraVNC as the flavor of VNC) over a
secure virtual private network, logging into my work PC from my home
PC.
Now I will need to be on the internet using a Window PC (2000 or XP),
and get into my home PC (another Windows 2000 or XP), and remotely
manage it.
I believe I should be able to set up a OpenSSH tunnel on the internet
to use VNC (I would prefer VNC over PCAnywhere and GoToMyPC, due to
the cost).
However, I was wondering if anybody has any thoughts on the security
of OpenSSH over PCAnywhere (v11.5) and GoToMyPC.
Protecting the data as seen is very important, and if the more secure
method is more costly or difficult to use, so be it.
I see that OpenSSH can use 3DES, Blowfish, AES and arcfour as
encryption algorithms.
PCAnywhere uses a Symantec Cryptographic Module which is supposed to
adhere to the FIPS 140-2 Security Requirements, and uses AES, 3DES,
SHS, HMAC, and RNG.
GoToMyPC uses 128bit AES with a Cipher Feedback Mode (CFB).
I would prefer to use the OpenSSH/VNC route, due to the cost, and the
fact that it is open source. I am a little leary of proprietary
software, as they may have their own little "back doors" into the
data, whereas I would hope enough people would have looked at the
OpenSSH code to see any vulnerabilities in security.
Any thoughts on what would be better for a Windows host - PuTTY or
Cygwin? Or would tunneling into a Linux box securely, then VNC over to
the Windows PC be easier? Would this be more secure? (It might add a
layer of security, at least)
What about the remote? Again, I guess my choices are PuTTY or Cygwin.
As I mentioned, I will be logging into my PC from the internet, which
may or may not be behind a firewall/router.
My home system is connected to TimeWarner RoadRunner via a Linksys
router/firewall.
I'm assuming that I will also need to run some type of dynamic DNS
service, such as DynDNS, as I have a dynamic IP address. Does the use
of DynDNS cause a security risk?
Any thoughts would be greatly appreciated.
Sincerely,
TheNthTraveler
-----------------------
Get rid of 1st and 3rd words before at sign to reply by email
.
- Follow-Ups:
- Prev by Date: Re: Is it possible to get ssh to run on multiple ports
- Next by Date: Unable to ssh w/out password
- Previous by thread: Is it possible to get ssh to run on multiple ports
- Next by thread: Re: Security of OpenSSH versus PCAnywhere; GoToMyPC
- Index(es):
Relevant Pages
|
