On 12/30/06, Timothy Murphy <tim@xxxxxxxxxxxxxxxxxxxxxx> wrote:
What is the safest way of allowing access to a home system from a remote computer? I am running Fedora-6 and shorewall. Any advice or suggestions gratefully received. -- Timothy Murphy e-mail (<80k only): tim /at/ birdsnest.maths.tcd.ie tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
I agree - ssh with no password and then use certificates to authenticate. And start it with the -X option if you want to be able to run XWindows applications over ssh. As for a router, as was noted, you simply need to configure your router so that all traffic coming in on whatever port you decide to use for ssh (22 being the default) is forwarded to your ssh server. You will want to assign a static IP to your ssh server (either configuring the box itself, or if your router supports it, assign static IP via DHCP for the nic in your ssh server). It would also be wise to disable root access via ssh. If you need root access, you can su or sudo once you've connected to your server. To copy files, you can use scp to access your ssh server. If you simply want to set up a shared drive on your server, then have a look at hamachi. I've played with it (the Windows version mind you, but they have a Linux version as well). You can find Hamachi at http://www.hamachi.cc/. The nice thing with Hamachi is that it's zero configuration. You don't have to open ports on your router to get it to work. The down side if you are paranoid is that you are relying on someone else's network and product vs known/trusted ssh. And of course VNC and its flavours might do the trick. I am pretty certain you can tunnel VNC through ssh if you want to wrap a layer of protection/encryption. I had managed to get VNC to work over Hamachi for a fleeing moment a while back (Windows box otherwise I would have tried it with ssh). Jacques B.
