mattanl
Posts: 141
Joined: Thu Jun 14, 2012 10:40 am

Remote access

Mon Apr 15, 2013 4:17 pm

Hi,
I want to access the pi remotely, but for security reasons, I dont want to open ports on my router.
LogMeIn will be the best solution for me, but I couldn't find a version for linux...
I found something called LogMeIn Hamachi, that enables me to create a VPN...
But, I'm not sure if it is enough for me:
1. I will have to login (using LogMeIn Hamachi client) and then I'll be able to start SSH session to my pi. Correct?
2. Is it free? I saw "Try it for free". I couldn't find for how much time etc.
3. Is there a better solution for remote access?
Thanks.

User avatar
RaTTuS
Posts: 10377
Joined: Tue Nov 29, 2011 11:12 am
Location: North West UK

Re: Remote access

Mon Apr 15, 2013 4:22 pm

open up port 22 or another port and direct it to port 22 on your RPi
you can probably set it up so you can only log on from various places [IP's] for added security
disable the user pi and use another user and/or setup ssh keys for access
How To ask Questions :- http://www.catb.org/esr/faqs/smart-questions.html
WARNING - some parts of this post may be erroneous YMMV

1QC43qbL5FySu2Pi51vGqKqxy3UiJgukSX
Covfefe

User avatar
abishur
Posts: 4477
Joined: Thu Jul 28, 2011 4:10 am
Location: USA
Contact: Website

Re: Remote access

Mon Apr 15, 2013 6:51 pm

I understand the desire to keep things secure.

If you follow RaTTuS' advice you'll keep things secure (provided of course that you change the default password :lol: ) It won't open port 22 on your Router, it will forward port 22 request to your pi.

If you want to take it half a step more secure, use a random unused port in the unassigned port range and forward that to port 22 of your pi. It will still let people try to bust your password if they try to do an SSH connection on the port, but it's a non standard port, so it less likely some bot will pound away at that port as they tend to blindly test port 22 and then do dictionary attacks on any ssh or ftp response they get.
Dear forum: Play nice ;-)

nadir
Posts: 112
Joined: Sun Jun 10, 2012 5:45 am

Re: Remote access

Mon Apr 15, 2013 11:08 pm

Besides what already has been said (using a non-default port and using ssh-keys for authentication), i also install
fail2ban
and disable root login in
/etc/ssh/sshd_config
(it you search for it in the file via pattern, it is uppercase there /Root

Code: Select all

# Authentication:
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
).

jazzy
Posts: 11
Joined: Tue Feb 26, 2013 12:06 am

Re: Remote access

Wed Apr 17, 2013 3:13 am

You could use log me in to get to another machine on your network, and then ssh into the pi from that machine via putty.

mattanl
Posts: 141
Joined: Thu Jun 14, 2012 10:40 am

Re: Remote access

Wed Apr 17, 2013 12:00 pm

Why? cant I use log me in Hamachi?

Return to “Beginners”