SSH over WAN
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- Re: SSH over WAN
- « Previous
-
- 1
- 2
- Next »
Re: SSH over WAN
03-09-2015 4:37 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: kmilburn I have SSH forwarded from a non-standard port on the router to the default port on the sever (also a raspberry pi), and (so far) don't get any unwanted traffic.
As a secondary security measure, tools like Fail2Ban or DenyHosts can monitor the logs and block IPs with too many failures.
This is what I've done. Forwarded a non-default port on the WAN interface to the default port on the LAN interface, poked a hole through the iptables and installed fail2ban.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: SSH over WAN
03-09-2015 4:39 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: chenks76
Quote from: dvorak same was as you do it on any platform... but here's a link https://www.raspberrypi.org/documentation/remote-access/ssh/passwordless.md
that's all very well, but the device i am connecting from is a windows 7 system, and that document only refers to connecting from linux/unix systems.
You can get OpenSSL for Windows and it comes with all the tools you need. Certificates, keys etc created on one OS can easily be used on another.
Re: SSH over WAN
03-09-2015 4:49 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: SSH over WAN
03-09-2015 5:31 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: SSH over WAN
03-09-2015 6:31 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: SSH over WAN
03-09-2015 8:42 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
The default user name is usually 'pi' on a pi device - not actually really secure.
It's worth setting up ssh though, as this also gives you a ftp connection (using sftp with the ssh user & passphrase).
Additionally, I use a VNC server on the Pi so that I can control a GUI interface via a PC VNC client.
"In The Beginning Was The Word, And The Word Was Aardvark."
Re: SSH over WAN
03-09-2015 9:04 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: vilefoxdemonofdoom I wouldn't use ssh over the external internet - you will get dozens of attacks on port 22 each day.
The default user name is usually 'pi' on a pi device - not actually really secure.
providing they don't guess the non-dictionary password then it doesn't matter how many attacks.
changing to a different port won't stop the possibility of attacks.
Re: SSH over WAN
04-09-2015 12:04 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
There is nothing stopping you running a honeypot on port 22 and the real ssh port on some other number.
"In The Beginning Was The Word, And The Word Was Aardvark."
Re: SSH over WAN
08-09-2015 5:26 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: SSH over WAN
03-10-2015 7:40 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: SSH over WAN
25-10-2015 4:47 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Also denyhosts is worth looking at.
Re: SSH over WAN
25-10-2015 4:50 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
"In The Beginning Was The Word, And The Word Was Aardvark."
Re: SSH over WAN
25-11-2015 10:23 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
- « Previous
-
- 1
- 2
- Next »
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page