I have taken down the port forward (again, I only use it when I need it...for now...), but could I ask for a little clarification? Specifically, I have an external port (not port 22) forwarded to my internal port 22 on the RPI. I just read that it's possible to change the internal port on the RPI for SSH to something else...redhawk wrote:It would also be advisable to change or add an additional SSH port number and do not forward TCP 22 (to minimise on script kiddie attacks).
DougieLawson wrote:Leave SSH port 22 on your LAN alone. Change it on your WAN (port forward WAN port 2222 to LAN port 22) if you must.
I planned on making a new user on the pi....haven't gotten to that point in the manual yet. Hoping to do as little with the GUI interface as possible, by the way (not that you mentioned it, just a general note). I want to force myself to get more comfortable in the terminal world. ...there's a method to my madness. ...or, rather a madness to my method, methinks.RaTTuS wrote:and for you own safety - disable the user pi and use another username
Because it's a PITA and does nothing to enhance security (which should be OK on your "trusted" LAN).DasKraut wrote: But you're saying I should not alter the RasPi itself? Any reason why? Or is it exactly for the reason I assumed above?
Oh yeah, I use it all the time. Great system! My biggest issue is I need to be able to share certain things with the luddites I have to deal with on a daily basis. I've read about setting up a web-based secure download link with it...but I'm just not there yet. I've got more to learn about all this.default_user8 wrote:You might be interested in bitttorrent sync if you'd like to "start hosting things yourself". BTSync is a dropbox type service that lets you sync files between computers without going through a 3rd party sever(ie. Icloud). I recently migrated away from dropbox and have been very happy so far with btsync. Not that i have any top secret files to protect, but it's nice to know i'm in control of my own data.
Code: Select all
ssh -X [email protected]/dns 22 ssh [email protected]/dns -p 22 ssh -p 22 [email protected]/dns
I'm sure it'll be something simple i've overlooked...ssh: connect to host externalip/dns port 22: Connection refused
Code: Select all