Safest way of accessing a home computer from outside?

jim tate mickeyboa at sbcglobal.net
Sun Dec 31 18:23:29 UTC 2006 

Ahmed Hussain wrote:
> Hi , 
>
> Sorry I'm a newbie , what if I my router doesent have a public IP
> itself. I mean to say my provider provides me a 192.168.1.x of it's
> network and internally I have a lan. will I ever be able to access me
> personal system via router [provided my ISP provider will not change any
> of it's settings from his end ] . 
> wondering if any kind of dynaDSN or peer to peer can help me to do
> that .
>
> Any Suggestions ? 
>
> Regards,
> Ahmed Hussain
>
>
> On Sun, 2006-12-31 at 12:27 -0500, Jacques B. wrote:
>   
>> On 12/30/06, Timothy Murphy <tim at birdsnest.maths.tcd.ie> wrote:
>>     
>>> What is the safest way of allowing access to a home system
>>> from a remote computer?
>>> I am running Fedora-6 and shorewall.
>>>
>>> Any advice or suggestions gratefully received.
>>>
>>> --
>>> Timothy Murphy
>>> e-mail (<80k only): tim /at/ birdsnest.maths.tcd.ie
>>> tel: +353-86-2336090, +353-1-2842366
>>> s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
>>>
>>> --
>>> fedora-list mailing list
>>> fedora-list at redhat.com
>>> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>>>
>>>       
>> I agree - ssh with no password and then use certificates to
>> authenticate.  And start it with the -X option if you want to be able
>> to run XWindows applications over ssh.
>>
>> As for a router, as was noted, you simply need to configure your
>> router so that all traffic coming in on whatever port you decide to
>> use for ssh (22 being the default) is forwarded to your ssh server.
>> You will want to assign a static IP to your ssh server (either
>> configuring the box itself, or if your router supports it, assign
>> static IP via DHCP for the nic in your ssh server).  It would also be
>> wise to disable root access via ssh.  If you need root access, you can
>> su or sudo once you've connected to your server.
>>
>> To copy files, you can use scp to access your ssh server.  If you
>> simply want to set up a shared drive on your server, then have a look
>> at hamachi.  I've played with it (the Windows version mind you, but
>> they have a Linux version as well).  You can find Hamachi at
>> http://www.hamachi.cc/.  The nice thing with Hamachi is that it's zero
>> configuration.  You don't have to open ports on your router to get it
>> to work.  The down side if you are paranoid is that you are relying on
>> someone else's network and product vs known/trusted ssh.
>>
>> And of course VNC and its flavours might do the trick.  I am pretty
>> certain you can tunnel VNC through ssh if you want to wrap a layer of
>> protection/encryption.  I had managed to get VNC to work over Hamachi
>> for a fleeing moment a while back (Windows box otherwise I would have
>> tried it with ssh).
>>
>> Jacques B.
>>
>>     
>
>   
If you keep your computer on most likely your ISP assign dhcp IP won't 
change.
Goto http://getip.com and you can get your IP address if it is changed.
There is such a thing as a Proxy Sever that will solve this problem.
I connect to a server 800 miles away using NX server at 
http://nomachine.com,
Installed on FC6 or 5 right out of the box.
The person , 800 miles away gets the IP address from getip.com and 
emails it to me and
I pull maintenance every week.
Crude way of doing things , but it works.

Jim




Jim

More information about the fedora-list mailing list