discuss: The How-To I'm working on. -- bootable secure cd for remote access
Subject:
The How-To I'm working on. -- bootable secure cd for remote access
From:
"Jeff Waddell" ####@####.####
Date:
2 Dec 2006 01:37:45 -0000
Message-Id: <8a44f71c0612011711g1d4ad7l3d12ac965289fce4@mail.gmail.com>
Hello everyone,
Thanks for taking some time to read this email...It will be long...so I'll
give a table of contents to help you choose what you wish to read.
1) Intro.
2) Current status
3) Road Blocks
4) What you can do to help me get this out there.
5) What I'll be doing next.
1) Intro.:
Ok, so I've done this cool thing using Damn Small Linux and openvpn to
create a bootable cd to allow certain members of our faculty/staff at South
Seattle Community College to access our network both remotely and at the
same time securely (this may be a bit more difficult than you imagine, as
there are some really thorny constraints to this). I'm detailing what I did
and of course how I did it, so others can follow this path if they so
choose. I've got a prototype that proves the theory and it is in alpha
currently at the college. As it's dealing with security I won't be able to
release the cd I've made exactly as made (as per orders from the security
authority at the college I have to remove all keys from the image before
placing it in a publicly accessable place).
2) Current Status:
I used David Lawyer's little form to create a preliminary how-to and am in
the process of filling in the considerable blanks. I found Tabatha
Marshall, on a different forum, and noticing that she has done considerable
editing work with the TLDP, I contacted her. She pointed me to this list
and suggested that I inform you all of what I'm attempting to do, ditch
attempting to put any markup in, and get volunteers to do that for me when I
have the thing done. Those seemed like relatively good advice so here I
am. I see that you have a bit of an issue with volunteers at the moment, so
perhaps I'll need to do my own markup (I'm not opposed, but I really would
appreciate a real tool to do this job...) I really like the idea of
building the thing in a wiki and then translating it out of the wiki into a
final docbook or linuxdoc format...don't know how possible that is. Anyway,
I've got a lot of details to get into the document before I can seriously
consider the formatting. I'd like to get a draft done and in front of other
people's eyes as soon as possible. To do this I have to get a version
vetted by the department I'm in at the college and release it there first as
I have promised to do it this way.
3) Roadblocks:
Lack of a decent markup tool (at least that I could find); lack of time on
my part (I can just put in what I can put in); need a server to put up the
various tools that I used as well as a modified cd image so that it's easy
to recreate what I did...I'll probably put it on sourceforge or savannah
unless a better choice comes up; some confusion on my part about how to go
about describing the process in a how-to like manner as it's a minimum of a
3 step process and each step is both independent and interdependent on the
others. I also used several methods during creation and testing that might
warrant mini-HowTo's...we'll have to see as it all comes together. I wish
to make it as clear and short as possible, yet no more so; and of course the
vetting process at the college is a roadblock, however I've recently got
verbal approval to put cd images out in public (after removing any keys) so
that's less of an issue at the moment. and given that we can revoke keys it
isn't even that big a deal if I screw that up...I really like the method I
created here...I hope I didn't miss something obvious...part of the reason
for releasing it to the wild is to see whether it is as secure as I and the
security team I'm working with believe.
4) What you can do to help me get this out there.
a) volunteer to proof the document
b) volunteer to put the document in the proper linuxdoc/docbook whatever
format.
c) try out the process and make sure I've really explained it well enough to
be useful to others.
d) encourage me :)
e) explain to me why I should or should not GPL this document (I believe I
prefer it to GFDL, and Creative Commons, however I could be convinced one
way or another) I choose Creative Commons in the form that I used to create
the initial document, however I am definately willing to change that.
f) give me money, or food or something :)
5) What I'll be doing next.
Writing, writing, and writing :)
Moving the project forward from proof of concept to finalized deliverable
product.
Creating a project on either sourceforge or savannah and putting the various
pieces up there for easy retrieval. I will probably just put in links to
the various projects that I used such as dsl, qemu, openvpn, etc.
Once I have a draft that I feel is sufficient to get the point across I will
release it internally to the college.
After that I will evaluate which direction to go.
Thanks for your time in reading this and I look forward to working with some
of you :)
Jeff
