Security behind a router? myron_in_da_house "at"
Sun Mar 21 11:02:00 2004

If your router is not configured to forward connections into your LAN, or is configured to block the necessary ports then there is no need to set AuthHosts, but there is no harm is doing so.  As to setting up SSH on your LAN, or there a risk that a user on your LAN will conduct a bit of hacking?

At 05:14 21/03/2004, Gary Fritz wrote:
>I just installed VNC on several systems and, remarkably, it 
>worked quite well with almost no twiddling.
>I changed the AuthHosts value to permit only hosts on my local 
>LAN to connect.  (I.e. set it to "-:+192.168".)  I assume this 
>will prevent ALL connections from any outside hosts.
>Question:  All hosts on the LAN are behind a router.  In this 
>case, is it necessary to go through the pain of setting up SSH?  
>Or can I safely assume that all traffic between server & clients 
>will stay behind the router, so there's no way an unfriendly 
>could snoop them?