[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Sunday, 18 February 2018 19:49:31 GMT Roland Tarver via list wrote: > > Thanks for your reply too Bad. I might just not bother; realistically I > don't think I have the time to research and learn sufficiently in order > to do this safely. I am not an IT professional and the risks are > definitely not worth the gains. I don't think you need to be quite so paranoid as suggested, but I do think SSH is the way to go. All that is really needed for most people is allowing SSH, setting the permitted SSH user(s), making sure the permitted user(s) has a really good (unique) password, and forwarding port 22 from the router. When I did it I got fancy and put Google Authenticator on the SSH login, because passwords are messy, and I didn't want to accidentally add a user with a weak password, or change my password to something silly with a typo. But yeah, these days when competent providers are supplying a bunch of cheap storage online, it only really helps if you run automated stuff at home that needs TLC occasionally. I very specifically don't do this any more, because I also decided the risks weren't worth the gains, I've only missed it a couple of times. Alas router makers haven't cottoned onto this, and seem desperate to add loads of features you can get wrong, and that most people don't need, and which will be both insecure and redundant during the lifetime of the router probably.
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- The Mailing List for the Devon & Cornwall LUG https://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq