Hi,
Jason Hsu wrote:
I've learned how to turn an old computer into a firewall and DHCP server for my
tiny home network.
Which distro are you using?
I understand that I can install an SSH server on this machine so that I can
access it from outside. Once I have this SSH server connected to the Internet,
how do I access it from another location? I have DSL broadband service, but I
don't think I have a static IP address.
My suggestion is to use a dedicated firewall machine with as little on
that as needed, absolute minimum. No ssh on this server.
Use port forwarding to a box running just ssh (no other public
services); consider ONLY port forwarding from trusted IP addresses if
possible.
On the ssh server ensure you use AllowGroups in your ssh setup,
/bin/false is not suitable to secure ssh logins [1]. Also consider
logins only with certificates (if you can). Consider NOT allowing root
access, you can always sudo or su to root if needed. Consider if you
need tunneling enabled on your ssh server.
Ensure, if allowing password logins via ssh that you have a nice long
and secure password. Simple or short passwords offer little or no security.
There are logs more things to consider, but the above should give you a
good start.
[1] http://www.semicomplete.com/articles/ssh-security/
--
Kind Regards
AndrewM
Andrew McGlashan
Broadband Solutions now including VoIP
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4d69cc20.7030...@affinityvision.com.au
