Firewall Build: Problem Updating, Patching

In building a firewall, I need to update and patch the operating system after
the initial install.
However, the compiler and sources should never be on a firewall PC.
So what is the best way to do this? This firewall PC has 2 identical drives;
I was thinking of performing 2 installs, updating and patching one system, and transferring the binaries to the actual firewall drive.
But exactly how do I go about doing this? Sorry, my Unix is not up to speed just yet, I'm sure this is a silly question, but, if I don't ask....
Thanks!

You compile elsewhere and then use scp(1) to securely copy the binaries from your development machine onto your firewall machine for use. If you do not have sshd(8) running on the firewall (most likely), then just install the scp(1) command onto the firewall and have sshd(8) running on your development machine to allow you to copy the files over the network.

Take a look at OpenSSH if you do not have any knowledge of SSH yet.
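
Added example, not part of the original thread: POSIX shell functions for the workflow in the answer above, where the build machine writes a SHA-256 manifest and the firewall pulls the tree with scp(1) and checks that it is complete and unmodified before anything is installed. The function names, the MANIFEST file name, and the host and paths in the comments are assumptions; `sha256 -q` is the OpenBSD fallback where `sha256sum` is absent.

```shell
#!/bin/sh
# Added example; all names here are hypothetical, not from the thread.

# Print the SHA-256 of one file as bare hex.
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        sha256 -q "$1"          # OpenBSD base system
    fi
}

# Build machine: record "<hash>  <relative path>" for every file under $1.
make_manifest() {
    ( cd "$1" || exit 1
      find . -type f ! -name MANIFEST | sort | while IFS= read -r f; do
          printf '%s  %s\n' "$(hash_file "$f")" "$f"
      done > MANIFEST )
}

# Firewall: succeed only if every listed file matches its hash and
# the staged tree contains no file that the manifest does not list.
verify_manifest() {
    ( cd "$1" || exit 1
      [ -s MANIFEST ] || exit 1
      while read -r want f; do
          [ -f "$f" ] && [ "$(hash_file "$f")" = "$want" ] || exit 1
      done < MANIFEST
      listed=$(wc -l < MANIFEST | tr -d ' ')
      present=$(find . -type f ! -name MANIFEST | wc -l | tr -d ' ')
      [ "$listed" -eq "$present" ] )
}

# Firewall: pull from the build machine (which runs sshd), then verify.
# $1 = remote source, e.g. build@builder.example:/usr/rel (constructed)
# $2 = local staging directory, which must not exist yet so that stale
#      files from an earlier pull cannot mix with the new tree.
pull_and_verify() {
    [ ! -e "$2" ] || return 1
    scp -rp "$1" "$2" && verify_manifest "$2"
}
```

Install from the staging directory only after `pull_and_verify` returns 0; a non-zero status means a missing, altered or unexpected file.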

That sounds like a nice solution that will be easy to implement. I've used SSH, but haven't gotten "into" it the way I have with things like PF. I'll get there, thanks again!