On 30/12/06, Timothy Murphy <tim at birdsnest.maths.tcd.ie> wrote:
> What is the safest way of accessing a Linux home computer from outside?
> I'm running Fedora-6 with shorewall.
SSH is generally considered secure if you have good password choices -
or better, only use pre-shared keys. It's not a great idea to just
leave the ssh port open to the outside world (you get a lot of
dictionary attacks), so a combination of:
* Run ssh from a port other than 22
* Restrict the IP ranges from which connections can be made
* Implement port knocking
SSH of course only gives you the text console by default, but you can
tunnel other TCP protocols over an established SSH connection. If you
want to access the graphical (X) screen over a high-latency or
low-bandwidth link, an accelerator such as NX is probably a good idea.
Colm Buckley / colm at tuatha.org / +353 87 2469146
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!