I have very mixed feelings about bastion hosts in general. It usually feels like... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		rollcat on Nov 24, 2022 \| parent \| context \| favorite \| on: Mosh: An Interactive Remote Shell for Mobile Clien... I have very mixed feelings about bastion hosts in general. It usually feels like moving the problem around, eventually you end up adding even more complexity just to do your job. Wireguard (or Zerotier/Tailscale, depending on your threat model) might end up being simpler. Complex is the enemy of secure - if it's hard to use, then it's easy to make a mistake.

cgb_ on Nov 24, 2022 [–]

I tend to agree with you, but we don't always have control over the networks we access, and fitting in with other org's policies is often required. ProxyJump is very handy for that.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact