[TriLUG] Has anyone used SSL-Explorer?

Daniel Bartholomew plumcreek at gmail.com
Thu Jun 21 11:43:10 EDT 2007


On Thu, 2007-06-21 at 07:13 -0700, Kevin J. wrote:
> It seems like this would be susceptible to a password attack 
> if it's polling directly against AD for authentication. Do any
> of these work with two-way authentication mechanisms such as a 
> RSA SecurID FOB?
> 
> Kevin 
> 
> 
> ----- Original Message ----
> From: David McDowell <turnpike420 at gmail.com>
> To: Triangle Linux Users Group discussion list <trilug at trilug.org>
> Sent: Thursday, June 21, 2007 9:55:21 AM
> Subject: Re: [TriLUG] Has anyone used SSL-Explorer?
> 
> 
> We started testing with SSLExplorer and found it limiting for our
> needs.  We ended up going with a commercial SSL VPN solution by Array
> Networks.  It works great, although so far I've only technically
> tested with WinXP Pro due to that being our corp environment.
> 

I'm probably not the best person to answer this (seeing as I just
started playing with SSL-Explorer this morning) but in looking through
the authentication mechanisms listed in the extensions manager it
seems to support several --- client certificates, Active Directory,
local sytem accounts, usb-keys, LDAP, NIS, OTP/SMS, and RADIUS.

I don't know much about how any of these are implemented, but there
seem to be a lot of choices.

My main question now is whether or not I can script this. If we use it
we'll be adding and removing users often and each user will need
customized apps (i.e. a putty session to a specific port on a specific
server for just that user and no one else). If creating (and destroying)
apps is strictly a manual point-and-click affair then this solution is 
probably unworkable.

From what I've experienced so far in my couple hours of testing I am
impressed with how well it works and how easy it was to set up. It
would be a shame to have a lack of scriptability be its downfall.

-- 
Daniel Bartholomew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://www.trilug.org/pipermail/trilug/attachments/20070621/fb042560/attachment-0001.pgp>


More information about the TriLUG mailing list