☰
Current Page
Main Menu
Home
Home
Editing
Security
Edit
Preview
h1
h2
h3
Keybinding
default
vim
emacs
Markup
Markdown
Plain Text
Pod
RDoc
reStructuredText
AsciiDoc
BibTeX
Creole
MediaWiki
Org-mode
Textile
Help 1
Help 1
Help 1
Help 2
Help 3
Help 4
Help 5
Help 6
Help 7
Help 8
Autosaved text is available. Click the button to restore it.
Restore Text
--- title: Security --- What measures? Two-factor for all shell access to network systems. * Easy to implement for SSH Mail submission? * SMTP-AUTH - TLS Alternatively no remote access to POP3 Access from VPN. Or SSH tunnel. Initially remote access with TLS and 1-factor auth. Close off and separate IMAP/POP server once VPN in place. ## Authentication * Create a local CA or try: <http://www.cacert.org/> * Create certs for use by Postfix, Dovecot, SquirrelMail **Can the same CA cert be used to sign all service certs?** Should do. domain should only need to match exactly for the service certs. The CA cert can probably be "phase1". Otherwise how would verisign etc use a single signing cert for the millions of other **Can a single server be used for mail & https authentication?** SASL can probably be configured to delegate to a single server <http://www.openinput.com/auth-howto/> ### Two-Factor Auth * Smart Token <http://www.aladdin.com> Suitable for system login and SSL? Requires client software? <!-- vim: filetype=markdown -->
Uploading file...
Sidebar
# SideBar * [Home][1] * [Projects][2] * * * <!-- --> * [Code][3] * [Tech][4] * [Network][5] * [MediaCentre][6] * [UAV][7] * * * <!-- --> * [Travel][8] * [Music][9] * [Horse Riding][10] * [Study][11] * [Games][12] * [Other Activities][13] * * * <!-- --> * [Car][14] * [House][15] * [Watch][16] * [Clothing][17] * [Miscellany][18] * * * [1]: /Home [2]: /Projects [3]: /Code/Code [4]: /Tech/Tech [5]: /Network/Network [6]: /MediaCentre/MediaCentre [7]: /UAV/UAV [8]: /Travel/Travel [9]: /Music/Music [10]: /HorseRiding/HorseRiding [11]: /Study/Study [12]: /Games/Games [13]: /Do/Do [14]: /Car/Car [15]: /House/House [16]: /Watch/Watch [17]: /Clothing/Clothing [18]: /Miscellany/Miscellany <!-- vim: filetype=markdown -->
Edit message:
Cancel