On 01/15/2016 09:18 PM, waben...@gmail.com wrote: > Grant <emailgr...@gmail.com> wrote: > >> I'm considering allowing some employees to work from home but I'm >> concerned about the security implications. Currently everybody shows >> up and logs into their locked down Gentoo system and from there is >> able to access the company webapps which are restricted to the office >> IP address. I guess I would have to allow webapp access from any IP >> for those users and trust that their computer is secure? Should that >> not be scary? >> >> - Grant > > I would use OpenVPN for that. If you don't trust their systems, you > could provide a Live-System media for them if that is possible. > > -- > Regards > wabe > >
I would use VPN + an X server that can spawn sessions on demand. This way it all stays internal on the work network. I do something similar at work for our Windows clients, it was simple to set up there. I've set up my home server to act as a Windows-type terminal server using X and tigervnc. It actually works well, but I never got into multiuser and dealing with logon scripts and the like (you may or may not need this to deal with user documents and the like.) Dan
