Domain: appgate.com
Stories and comments across the archive that link to appgate.com.
Comments · 19
-
Re:PINE + PortaPuTTY + Thumb Drive
How about a web - based ssh client like http://www.appgate.com/products/80_MindTerm/ ? You drop the jar somewhere voilà, instant ssh connection on a browser that has java.
Disclamer: I _dont't_ work for said company, just a very satisfied user.
-
Re:pine + screen
If you run MindTerm (http://www.appgate.com/products/80_MindTerm/, Java applet SSH) with tunneling, and you have the java applet enabled on a VNC session internally, you can view everything local to your server instead of having to pull it across to the local machine. The utility value varies with the type and size of the attachment, but I like being able to securely remote VNC from any web browser.
Derek -
Re:Well, here's my take
I'm sure i've seen a java ssh client, that you use in your browser..
You are probably thinking of MindTerm. If you don't have a web server you can stick it on, Google has some hits of existing installations that will work.
-
With the risk of being moderatedI have good experience from a product named Appgate Security Server from Appgate.
It is able to do most of the things you need. It all depends on how complex solution you want.
-
They forgot one
Mindterm.
Instead of fixating on "this one's integrated with KDE" and "this one allows profiles so you can keep your color choices", Mindterm allows SSH access from any computer with a Java-enabled browser. In many ways, that's more useful to me than the differences between the reviewed terminal emulators.
When I'm at the console, a terminal is a terminal. My choice of shell makes a bigger difference to me. When I'm not at the console, it's easier to find a Java enabled browser than someone willing to let you install Putty (if it's a Windows box).
Instead of deciding which jewel-studded hammer you'd prefer to use, I'm much more interested in the hammer that does the job but is easier to carry around or fits on my belt. -
Re:*BAD* design practiceDesigning for a specific resolution is a bad thing. Agreed. But what most of us were talking about is a specific minimum resolution. Fixed width layouts aren't a 640x480 vs. 800x600 issue. They're a print layout vs. web layout culture thing.
A) >95% of all clients are 800x600 or above. I don't see why this can't be a baseline. For clients such as PDAs and WebTV, just make a dedicated stylesheet instead of shoehorning into the desktop layout paradigm. Also, I've seen designs where horizontal scrolling is a compelling design decision...as long as it only scrolls in one direction (ie. horizontally and not vertically).
B) Agreed. All web sites are constantly under construction in some form or another.
C) This is technological bigotry. Javascript can be used to reduce the network traffic and make immediate client UI reactions. This can be a good thing. Is it abused? Sure, but so is plain HTML sometimes. Java, same story, more advanced applications. For example, the Mindterm SSH client is a Java applet. It allows access to that particular server (and only that server) from any Java enabled browser anywhere in the world. Comes in pretty darned handy for me when I need to get on my box remotely but still respecting security. I have seen games and utilities in Flash that cannot be done otherwise on the web. Without widespread development and adoption of SVG/SMIL, Flash is the only way to get some things done. Are Flash adverts annoying? Certainly, but so are static image adverts. There is nothing inherently evil or bad about these technologies. In fact, your arguments sound conspicuously like those of diehard gopher, archie, and usenet users who derided the web...basically for being too popular. Popularity breeds misuse, no matter the topic or tool.
D) Agreed.
E) I almost agree. You can specify by name as long as you provide fallbacks. (eg. font-family: 'Avant Garde', 'Zaph Dingbats', 'Times New Roman', serif;) There's a difference between accepting that not everyone has you favored font and completely discarding its use.
F) Agreed. This is a good test for many audible and braille readers. It is also good for programmatic access of your site by search engines, proxies, and crawlers. Semantic markup is the way to go. Just be sure to avoid the use of CSS directives like "display: none;" which many accessibility readers understand and avoid as well. Just say no to FIR.
G) More bigotry. Should frames be used less than they currently are? Sure, I can agree with that. But there are legitimate uses for frames and iframes; Uses that cannot be adequately replicated without using frames.
H) Wholeheartedly agree.
I) Wholeheartedly disagree. There are definite times when this practice is called for. Especially for web applications instead of publish-oriented, static web content. If you concerned about popups, get a browser that blocks popups. If a site pops up a window and you don't like it, don't go to the site. It personally doesn't bother me when used in a context that makes sense.
J) Yes, graceful degradation is a good thing. Semantic markup and judicious use of CSS is the way to go. As far as layout, I have no problem giving NS3/IE3 a look comparable to lynx/links. Content accessibility is important for every client, but appearance for these obsolete browsers is close to the bottom of my priority list.
-----All of the above issues are turning the Web into a mish-mash of unreadable, un-navigable garbage. If enough people refuse to stay on badly designed sites, the sites will die. Eventually, practices will change--hopefully.
Bull. Bad UI decisions have turned the Web into this. Bad UIs can be found everywhere, not just in the Web. That's what UI specialists are for. Just because you're a coder who hates Flash doesn't make you the cat's meo
-
Test your applictionsThe most important thing is to test the applications you want to access through it. This area may be a minefield since this type of VPN usually only offers limited connectivity. Some applications may use dynamic ports, expect reverse connections, or exhibit other strange behaviours.
Also check if the product supports the authentication method you want to use. This should normally not be a problem but since authentication systems may cost quite a lot it is a good idea to check it out.
Another thing to look at is reliability. How stable is the box, what happens if the box breaks? Can you connect multiple boxes in a cluster?
Also do not stare blindly at the SSL protocol but rather focus on functionality. There are other products which have similar functionality but builds on different protocols. For example AppGate which uses SSH as the basic protocol (disclaimer: I work for AppGate:-).
The most common functionalities people tend to look at are:
- The ability to have fine grained access control, down to the user level.
- Ease of deployment
- Ease of use
- "Network ruggedness" these products typically only rely on simple TCP streams so they have a higher success rate than IPsec in some network environments.
-
SSH on cell fones
every cell fone should have a SSH client and a IP address. Being a Sys Admin, I know how important it is to get access to SSH.
If you can create a SSH tunnel (see mindterm through your your company's firwall, you can get to any intranet server using SSH on your cellfone
Or you could even SSH tunnel into your cell, and retreive telefone number, addresses(or other data). -
There are also commercial products to do this...
Swedish company AppGate develops a commercial software that enables SSH-tuneled access to intranets for Ericsson P800 cell phones.
-
browser shells in java
do a google on "mindterm ssh". it's a java applet that does ssh (1, maybe 2 as well, been a while since i looked at it) and vt100. it'll only connect (by default, this is a jvm thing) to the host it came from, but it's handy if you have a user base that may be "floaters" (i.e. may be on random machines traveling around; all they need is a web browser). ah, here's the link and it does support ssh2. it is free for "personal and limited commercial" use.
If you just need vt100/telnet style access (say, within your firewall'd lan) you might like ShellInABox, which is a GPL'd java applet shell for that purpose.
-
Reinventing the wheel...
This has already been done, and better (with SSH support, to boot).
-
Re:I've used something exatly like this for months
Apparently not very hard.
We run this on a server that a group of people I'm associated run. Works extremely well if you're on a box that doesn't have an ssh client installed.
-
Offtopic, but still interesting
I know that this is offtopic, but I can't help but be grateful that I can use pine over a ssh connection when I see articles like this. I can access all of my mail from nearly anywhere in the world and have the same capabilities as if I were sitting at my desk. I can even access it using only a java-enabled web browser using mindterm.
-
Re:Still useful
Has anyone seen a good Java applet for ssh access?
Mindterm looks pretty good, and would make it pretty easy to get at your email from whereever. It's covered by a proprietary public source license. -
AppGateThe AppGate system is a VPN-kind-of system based on OpenSSH. Might be worth a look.
Also, their Java ssh client Mindterm kicks ass, but they have been changing their licensing several times the last year.
-
Re:Aspelle & Aventail
And also AppGate
-
mindterm ssh from appgate.com
mindterm ssh from appgate.com takes a novel approach to sftp. in addition to having a popup window that will do the sftp, you can also use the ssh client as an ftp proxy server - meaning you can use standard ftp to the ssh client, and it will then translate that into sftp to your ssh server. meaning you can have your users use whatever ftp client they like.
-
Redundant DataThe problem with a VNC-only solution (or other remote desktop app), as already aluded to by another poster, is that you're still stuck on ONE computer (whichever one you're talking to). Sure you can log in from anywhere, but if the hardware fails on the "server" you're talking to, you still suffer as much downtime as before.
What you need is to combine VNC with a distributed (ie. multiple-computer, at multiple-locations, with multiple-ISPs on multiple-backbones) setup. I'm not aware of any automated products for this, what I've done in the past is to have an main CVS repository on one box, and a cron-job that updates it every night from a different machine. If you lose that main box, you'll have a worst-case day old copy of the repository on the other machine, and can still continue to do your work. If it's a big problem with several days of downtime, you can then set the backup as the main CVS server.
This could work for any number of "backup" computers, but even having two will pretty much eliminate the downtime you've suffered before. And you can use CVS to backup all sorts of stuff (code, IDE config files, even binary data).
In the *nix world, esp. if you're used to a command-prompt instead of a GUI, using VNC is often overkill - I tend to use an OpenSSH java applet (such as AppGate's excellent MindTerm), which can run over slow connections without issue, and can be served from any number of computers.
(However, for a Wintel solution, you'd have to find a configuration-management tool that can automatically update stuff for you - not sure if Source-Safe or StarTeam can do this).
-
Redundant DataThe problem with a VNC-only solution (or other remote desktop app), as already aluded to by another poster, is that you're still stuck on ONE computer (whichever one you're talking to). Sure you can log in from anywhere, but if the hardware fails on the "server" you're talking to, you still suffer as much downtime as before.
What you need is to combine VNC with a distributed (ie. multiple-computer, at multiple-locations, with multiple-ISPs on multiple-backbones) setup. I'm not aware of any automated products for this, what I've done in the past is to have an main CVS repository on one box, and a cron-job that updates it every night from a different machine. If you lose that main box, you'll have a worst-case day old copy of the repository on the other machine, and can still continue to do your work. If it's a big problem with several days of downtime, you can then set the backup as the main CVS server.
This could work for any number of "backup" computers, but even having two will pretty much eliminate the downtime you've suffered before. And you can use CVS to backup all sorts of stuff (code, IDE config files, even binary data).
In the *nix world, esp. if you're used to a command-prompt instead of a GUI, using VNC is often overkill - I tend to use an OpenSSH java applet (such as AppGate's excellent MindTerm), which can run over slow connections without issue, and can be served from any number of computers.
(However, for a Wintel solution, you'd have to find a configuration-management tool that can automatically update stuff for you - not sure if Source-Safe or StarTeam can do this).