Pritunl Zero
-
Looking at the demo, they are managing the connections by passing everything through this service. The client devices than need to be setup with a certificate or 2FA device to allow you to login.
At least that's what it seems like to my coffee lacking brain.
-
@dustinb3403 said in Pritunl Zero:
Looking at the demo, they are managing the connections by passing everything through this service. The client devices than need to be setup with a certificate or 2FA device to allow you to login.
At least that's what it seems like to my coffee lacking brain.
Ok that's what I was thinking. Not necessarily a bad thing but not altogether revolutionary.
-
My understanding is that a user visits a webpage, logs in, and they are able to reach internal web services.
At least that's what I am getting by looking at this:
https://docs.pritunl.com/docs/pritunl-zero-service
You can use it for SSH as well, too.
-
@aaronstuder said in Pritunl Zero:
My understanding is that a user visits a webpage, logs in, and they are able to reach internal web services.
At least that's what I am getting by looking at this:
https://docs.pritunl.com/docs/pritunl-zero-service
You can use it for SSH as well, too.
So it's a secure proxy with a landing page? Interesting. If you could tie 2FA into this I think that could an interesting tool.
-
@coliver That's my understanding but I could be completely wrong.
-
@coliver Sadly, that's only available in the paid editions:
-
It's a open source (free?) alternative to CloudFlare Access.
-
@aaronstuder said in Pritunl Zero:
It's a open source (free?) alternative to CloudFlare Access.
I wasn't aware of that product, either.
-
It looks like Vault or CloudFlare Access but less functionality.
-
@coliver said in Pritunl Zero:
@aaronstuder said in Pritunl Zero:
My understanding is that a user visits a webpage, logs in, and they are able to reach internal web services.
At least that's what I am getting by looking at this:
https://docs.pritunl.com/docs/pritunl-zero-service
You can use it for SSH as well, too.
So it's a secure proxy with a landing page? Interesting. If you could tie 2FA into this I think that could an interesting tool.
I don't believe that's what this is. From their guide it sounds like this works similarly to Vault. Instead of pushing out individual keys to servers you use this CAs pub key on each server. Users thrn request a cert from the CA that they use to log in.
Ah my bad. I thought he was saying that's how it works for SSH.