bert hubert wrote:
> For more rationale, see the URL. I would very much appreciate your input. Is
> this a wise idea? Are there better ways to achieve this, are people already
> working on this (besides IPSEC)? etc et.
You can set up SSH such that it only looks at a key, not at the IP address
(well, it looks at it briefly, but look away if it doesn't like what it
sees).
You can either just copy the public host key of your dynamic systems to
$HOME/.ssh/authorized_keys on your server (if you trust every user on
those dynamic systems), or - better - generate new keys for all trusted
users on those dynamic hosts with ssh-keygen and use it with ssh -i.
If you want, you can then also run PPP over SSH to build your own little
VPN.
- Werner
--
_________________________________________________________________________
/ Werner Almesberger, Lausanne, CH wa@xxxxxxxxxxxxxxx /
/_http://icawww.epfl.ch/almesberger/_____________________________________/
|