Re: OT: Safe to access SSH server from work?

To: debian-user@lists.debian.org
Subject: Re: OT: Safe to access SSH server from work?
From: Jerome BENOIT <g6299304p@rezozer.net>
Date: Thu, 05 May 2011 23:47:22 +0200
Message-id: <[🔎] 4DC31AEA.3080103@rezozer.net>
Reply-to: g6299304p@rezozer.net
In-reply-to: <[🔎] BANLkTinFavrwh5NcWFcdJCE8+M-ja5=UXw@mail.gmail.com>
References: <[🔎] BANLkTinFavrwh5NcWFcdJCE8+M-ja5=UXw@mail.gmail.com>

Hello List,

On 05/05/11 23:14, George wrote:

I have a computer at home that I'm doing some research on and I set up
an SSH server on it so I can access it from other computers at home. I
haven't opened up the network to the internet yet though, as I'm not
confident enough that it is safe.

What are the configuration steps that I will need to do on the server
and the client to be able to work access the computer from my
workplace?

Very briefly, on your home box:
0] install appropriate harden Debian packages;
1] set up a firewall (e.g, firehol Debian package);
2] in /etc/hosts.allow limit access to sshd accordingly (sshd: <WORKPLACE IP>);
3] configure the /etc/ssh/sshd_config to allow only a small set of users (sshd_config AllowUsers),
basically only you;
4] use public keys rather than passwords.

I guess that the list is incomplete, but it is certainly a good start.

hth,
Jerome

Reply to:

Follow-Ups:
- Re: OT: Safe to access SSH server from work?
  - From: shawn wilson <ag4ve.us@gmail.com>

References:
- OT: Safe to access SSH server from work?
  - From: George <pinkisntwell@gmail.com>

Prev by Date: Re: Need help with approx configuration changes for squeeze
Next by Date: Re: OT: Safe to access SSH server from work?
Previous by thread: Re: OT: Safe to access SSH server from work?
Next by thread: Re: OT: Safe to access SSH server from work?
Index(es):
- Date
- Thread