Post Reply
Malta
Posts: 1
Joined: Mon Jul 20, 2015 9:00 pm

How to securise access : VPN or SSH ?

Mon Jul 20, 2015 9:11 pm

hello,

I've a pi2 which is going to be used to host 2 blogs (with ghost over nginx). Blogs are up, but as I'm going to be very far from my pi, I want to access it over the internet. So I configured a vpn with openvpn, (this tuto is great ! http://readwrite.com/2014/04/10/raspber ... b-browsing). But I am wondering : is it far better than to just open port 22 and access my pi directly with ssh ? Is anything better with vpn than with ssh ? Have I lost all thoses hours for nothing or not ?

Thanks for your advices !
sprinkmeier
Posts: 410
Joined: Mon Feb 04, 2013 10:48 am
Contact: Website

Re: How to securise access : VPN or SSH ?

Tue Jul 21, 2015 11:07 am

a VPN gives you more complete access to your remote system, allowing you to run SSH, NFS, SAMBA, ...
The downside is that VPN's are harder to configure, run and (arguably) secure.
With the right tools on the local system you can do pretty much all of this over SSH (using sshfs, sftp, X tunneling over SSH etc.) so a VPN is of litttle extra benefit.

Either way you can configure passwords + pre-shared keys to increase security.

If you're really worried about security add fail2ban and consider changing the default port as well (that won't do much to slow down a targeted attack but does tend to reduce the noise). Look up port-knocking if you're bored.

In the end the VPN/SSH question won't matter 'cos you'll get owned through a dodgy web-plugin anyway :-)

BTW, you've wasted no time if you've learnt something.
Post Reply

Return to “Beginners”