[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 16/02/18 14:38, Mark Williams wrote:
All good advice but I'd go one step further. Create a simple VPN back to your home network using another machine. That way all browsing, file transfers, etc, can be conducted securely without needing to tunnel over SSH. You have full access control, can set up and revoke if necessary a user account for each device, and you have the option to use your home internet connection on the road too. When connected remotely, your device will behave as though it's at home. Something like http://www.pivpn.io/ is a straightforward introduction to certificate based VPNs and while that's intended for a RPi, it can be run on any Linux box.If you're particularly paranoid, you can also set up port knocking. That means you effectively visit a port of your choice which logs your IP address, adds it to a firewall rule for a temporary period, then you can access the remove services (the VPN in this case) over a different port. Unless you've knocked on the chosen port first, attempted connections to the VPN are rejected, providing another layer of security and obfuscation.
Hi Mark, Thanks for that - I will add it to the research-list. Brilliant - thank you. Thank you. Roly :-) -- The Mailing List for the Devon & Cornwall LUG https://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq