[clug] secure remote access method
Chris Smart
mail at christophersmart.com
Thu Jun 18 23:47:25 GMT 2009
2009/6/19 jm <jeffm at ghostgun.com>:
> With the mc-root discussion I thought I'd start a thread to ask a few
> questions about secure remote access to a home server. Given that we all
> like to have remote access to our home machines so that we can tweak the
> occassional setting or such while we're not busy or something similar. What
> are some thoughts out there on how best to do this? There's the classic ssh
> and ssh with port knocking. But, as someone pointed out, dealing with
> unfriendly firewalls when your traveling can kill this idea, eg by blocking
> port 22? A lot of firewalls out there are now doing protocol enforcement so
> you can't put ssh and port 80 because it doesn't look like http. What other
> methods are out there?
>
I think one of the easiest ways to get around constant ssh attempts is
to put ssh on a different port.
Of course you should also take other precautions too, but this stops
scripts talking to port 22 in the first place.
When ssh'ing in use -p option, i.e.
ssh -p [port] user at mycomputer
When copying, use -oPort=, i.e.
scp file -oPort=[port] user at mycomputer:[path]
Alternatively, you can set up a ssh config file to always connect to
given server on a specific port.
-c
More information about the linux
mailing list