Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 4 Feb 2007 17:20:08 +0300
From: Solar Designer <solar@...nwall.com>
To: owl-users@...ts.openwall.com
Subject: Re: *SWAN on Owl?

Croco,

On Thu, Feb 01, 2007 at 12:15:07PM +0100, Bernhard Fischer wrote:
> For a single site-to-site connection I prefer OpenVPN. It's easier to
> use ... no kernel modules ... simple configuration and there are
> ready-to-install packages available. We are using it for years and it
> absolutly fits our needs and security issues.

I second Bernhard's suggestion - use OpenVPN, unless you have a specific
reason to use IPsec.  There's a package of OpenVPN for Owl in our
contrib directory - but it lacks compression support.  For compression,
you will need LZO.  To build LZO from source, you will need NASM - it's
available in our contrib directory.  So if you like to install all of
this stuff with RPMs, you seem to have these options:

- try the OpenVPN package from contrib/ - but you don't get compression;

- install binary RPMs from a compatible version of Fedora (FC3 or FC4
for Owl 2.0);

- install the NASM package from our contrib, rebuild LZO from Fedora,
then rebuild and install OpenVPN (from our contrib, from openvpn.net, or
from Fedora);

- same as above, but use the binary package of NASM from Fedora (their
source package of NASM has extra dependencies, if I recall correctly);

- rebuild Fedora packages, matching and rebuilding all dependencies (you
could be forced to rebuild a lot of them).

When I was installing this stuff a year ago, we did not yet have the
contrib packages.  Here are the package versions that I happen to have
installed on an Owl box with OpenVPN:

nasm-0.98.39-3 (Fedora binary RPM)
lzo-1.08-6, lzo-devel-1.08-6 (rebuilt from Fedora)
openvpn-2.0.7-1 (rebuilt from a http://openvpn.net download)

I hope this helps.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.