[lug] VPNs
Nate Duehr
nate at natetech.com
Wed Feb 7 00:38:52 MST 2001
On Tue, Jan 30, 2001 at 04:02:21PM -0700, Michael J. Pedersen wrote:
> I want to access an imap server, which resides on mail.remote.com, port 143.
> imap specifies that everything happens in clear text, and this is bad. I don't
> want my password to be seen. Configure SSH to forward localhost:143 to
> mail.remote.com:143, and then login using ssh (this is key, and is not
> mentioned often enough in the texts that I have seen). From here, I can tell
> my mail client that my imap server is on localhost, port 143, and actually
> check my imap email. Using ssh, you can mimic some of the features of a vpn.
> It's not perfect, but it might be worth using.
I like tunneling IMAP through SSL with sslwrap from inetd.conf. Netscape supports it
under the advanced IMAP configuration tab, and it works nicely. Plus
running it through inetd means you can use TCP wrappers to add another
small layer (not that great, but it helps) of security by limiting the
IP's allowed to get to the IMAP daemon from remote networks.
--
Nate Duehr <nate at natetech.com>
GPG Key fingerprint = DCAF 2B9D CC9B 96FA 7A6D AAF4 2D61 77C5 7ECE C1D2
Public Key available upon request, or at wwwkeys.pgp.net and others.
More information about the LUG
mailing list