Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I wasn't asking about -w - I'm specifically asking about ssh'ing directly to target servers, not ssh'ing to bastion boxes and making an ad-hoc VPN. The BeyondCorp ethos is not that everyone should put their ad-hoc VPNs on the internet, it's that you should ditch your VPN and put your actual services on the internet and secure them because your internal network isn't meaningfully more secure than the internet (especially if you have personal devices connecting to the VPN).


Where can I read more about this ethos? I'm interested.


I'll try to blog about it this weekend! It is sort of like the BeyondCorp model (see the paper https://storage.googleapis.com/pub-tools-public-publication-... if you haven't read it) but taken to a bit more of an extreme - instead of having servers on a trusted network and clients, either on the office network or elsewhere, have some proxies before hitting internal services, everything is on an untrusted network.

This was the traditional model of the internet, from before NATs and VPNs were invented. This was the model under which Kerberos was developed - remote processes should only talk to each other over secured connections after authenticating each other, because their transport is the public internet, and there's no distinction between human-to-server and server-to-server in this regard. It was the model under which SSH (trust-on-first-use with no authorities), the HTTPS PKI (fully-qualified hostnames only), etc. were designed.


It's also sounds like a model I've recently advocated for and implemented in software I'm working on. And AFAICT it also lines up with the IPv6 model of the internet. It's great to know there's support for this style of identity management and I hope it proliferates. Looking forward to the blog!




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: