[arch-general] "Automatic" upgrade
ismael.bouya at normalesup.org
Tue Feb 11 07:35:47 EST 2014
(Tue, Feb 11, 2014 at 01:29:30PM +0100) Constantin :
> You could establish a VPN/tunnel originating from the server you want to
> update. That way, from the machine's view, it is an outgoing connection
> and might not be restricted by the firewall. You can then use the
> existing tunnel to ssh back to the machine.
> Of course this would require an accessible server somewhere outside.
Sure, that's what I understood in the former message, and already thought
of doing it. The problem that I have (maybe it wasn't clear in my message)
is that then I give an "obvious" *permanent* entry point to a network that
is willingly closed. If anything happens (even if I'm quite confident with
the security of the machine, we never know), it's my responsibility, and I
don't want that.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: Digital signature
More information about the arch-general