If you always connect via the same remote IP you can block all IP's
except that one using IPTables, and you can take it right down to the
port.
On 2014-10-15 13:02, Ed wrote:
Stephen,
The typical security/access measure is to move the SSH port to a
random high port number, not the standard 22. Your ISP or the ISP your
laptop is connected to may block standard ports, but not likely a high
port number or port 443*. The obscurity of non-standard ports will
force a scanner to trip your fail2ban/denyhosts service, but isn't
really a security feature itself anymore. So, port knocking is also a
good thing to do.
Also, don't use passwords - only certificates - and keep an eye out
for adding 2 factor authentication to your new server as that is on
the horizon for most everyone.
*http://ubuntu-tutorials.com/2013/11/27/tunnel-ssh-over-ssl/
On Wed, Oct 15, 2014 at 10:13 AM, Mike Ballon <[email protected]>
wrote:
I hear ya knocking...
https://www.digitalocean.com/community/tutorials/how-to-use-port-knocking-to-hide-your-ssh-daemon-from-attackers-on-ubuntu
On Wed, Oct 15, 2014 at 1:10 PM, Stephen M <[email protected]>
wrote:
I am trying to learn about ssh and remoting into a computer from out
of my
house. I have all the ability to do this but I want to make sure my
desktop
is secured. I will basically be either using resources on my desktop
or
backing up files to my laptop.
From what I have read. denyhosts and fail2ban are the same, the only
difference is fail2ban requires more maintenance and has more
options. If I
am just trying to turn my desktop into a file server whats the best
option
here?
--
Stephen Melheim
602-400-7707
[email protected]
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
