<html><head></head><body><div style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:13px;"><div></div>
<div><br></div><div>Agreed, I use non-standard ports on the public side as well, but it is not required. It takes next to no resources. I did realize the my statement was not clear. I meant to set up ssh to only authenticate with keys. </div><div><br></div><div>Most importantly to me is to not pass my traffic through a service that I do not have control over.</div><div><br></div><div>John Vaughters<br></div>
<div id="yahoo_quoted_3146180638" class="yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
<div>
On Thursday, December 7, 2017, 4:43:52 PM EST, Brian via TriEmbed <triembed@triembed.org> wrote:
</div>
<div><br></div>
<div><br></div>
<div><div dir="ltr">If you want to cut down on the amount of hammering your SSH server gets <br clear="none">from the world at large (and it will get hammered, trust me[0]), you can:<br clear="none"><br clear="none">- Set up firewall rules that block attempts from anywhere but places you <br clear="none">expect to be (at a risk of being locked out if you're somewhere new), or<br clear="none">- Configure SSH to listen on a nonstandard port [1]<br clear="none"><br clear="none">I use a combination of both: my more-secure system has firewall rules, <br clear="none">but another system accepts connections on a non-standard port. Then, if <br clear="none">needed, I can connect to the secondary system with a key, from anywhere, <br clear="none">and open a hole in the firewall if necessary.<br clear="none"><br clear="none">-B<br clear="none"><br clear="none">[0] An open public port 22 will be quickly noticed by scanning bots. <br clear="none">With password authentication turned off, you don't need to be worried <br clear="none">about people breaking in, but it does cost CPU cycles and sockets to <br clear="none">connect and reject all the would-be attackers.<br clear="none"><br clear="none">[1] Security by obscurity is not security at all, but it can help you <br clear="none">fly outside the notice of the least-sophisticated script kiddies<br clear="none"><br clear="none">On 12/07/2017 04:03 PM, John Vaughters via TriEmbed wrote:<br clear="none">> I am personally not fond of middlemen.<br clear="none">><br clear="none">> Here is what you do and it is extremely secure:<br clear="none">><br clear="none">> 1. Learn about DDNS and implement it, now you have a domain.<br clear="none">> 2. Open ssh port 22 and learn how to set up keys and only authenticate<br clear="none">> on keys<br clear="none">> 3. Learn how to port forward with ssh and now you have access to any<br clear="none">> port on your Pi or any computer for that matter<br clear="none">><br clear="none">> John Vaughters<br clear="none">><br clear="none">> On Thursday, December 7, 2017, 3:18:04 PM EST, Carl Nobile via TriEmbed<br clear="none">> <<a shape="rect" ymailto="mailto:triembed@triembed.org" href="mailto:triembed@triembed.org">triembed@triembed.org</a>> wrote:<br clear="none">><br clear="none">><br clear="none">> Ken,<br clear="none">><br clear="none">> From reading their docs it seems you would be setting up a VPN between<br clear="none">> your RPI and their site. As long as the credentials were not being sent<br clear="none">> in the clear or they weren't using, what is called a developer key, they<br clear="none">> should be fairly safe. I would expect an OAuth2 token is used, but<br clear="none">> haven't dived into their docs too far yet.<br clear="none">><br clear="none">> Carl<br clear="none">><br clear="none">><br clear="none">> On Thu, Dec 7, 2017 at 3:09 PM, Ken Boone <a shape="rect" ymailto="mailto:kensrobots@gmail.com" href="mailto:kensrobots@gmail.com">kensrobots@gmail.com</a><br clear="none">> <mailto:<a shape="rect" ymailto="mailto:kensrobots@gmail.com" href="mailto:kensrobots@gmail.com">kensrobots@gmail.com</a>> [trianglerobotics]<br clear="none">> <<a shape="rect" ymailto="mailto:trianglerobotics@yahoogroups.com" href="mailto:trianglerobotics@yahoogroups.com">trianglerobotics@yahoogroups.com</a><br clear="none">> <mailto:<a shape="rect" ymailto="mailto:trianglerobotics@yahoogroups.com" href="mailto:trianglerobotics@yahoogroups.com">trianglerobotics@yahoogroups.com</a>>> wrote:<br clear="none">><br clear="none">> __<br clear="none">><br clear="none">> Has anyone played with this? Sounds simple but a little scary<br clear="none">> depending on a remote url.<br clear="none">><br clear="none">> Ken<br clear="none">><br clear="none">> <a shape="rect" href="https://www.pitunnel.com/" target="_blank">https://www.pitunnel.com/</a><br clear="none">><br clear="none">> __._,_.___<br clear="none">> ------------------------------------------------------------------------<br clear="none">> Posted by: Ken Boone <<a shape="rect" ymailto="mailto:kensrobots@gmail.com" href="mailto:kensrobots@gmail.com">kensrobots@gmail.com</a><br clear="none">> <mailto:<a shape="rect" ymailto="mailto:kensrobots@gmail.com" href="mailto:kensrobots@gmail.com">kensrobots@gmail.com</a>>><br clear="none">> ------------------------------------------------------------------------<br clear="none">> Reply via web post<br clear="none">> <<a shape="rect" href="https://groups.yahoo.com/neo/groups/trianglerobotics/conversations/messages/5440;_ylc=X3oDMTJwYXFkaWdhBF9TAzk3MzU5NzE0BGdycElkAzM3NTYxODEEZ3Jwc3BJZAMxNzA1MTM3MDc4BG1zZ0lkAzU0NDAEc2VjA2Z0cgRzbGsDcnBseQRzdGltZQMxNTEyNjc3MzUw?act=reply&messageNum=5440" target="_blank">https://groups.yahoo.com/neo/groups/trianglerobotics/conversations/messages/5440;_ylc=X3oDMTJwYXFkaWdhBF9TAzk3MzU5NzE0BGdycElkAzM3NTYxODEEZ3Jwc3BJZAMxNzA1MTM3MDc4BG1zZ0lkAzU0NDAEc2VjA2Z0cgRzbGsDcnBseQRzdGltZQMxNTEyNjc3MzUw?act=reply&messageNum=5440</a>><br clear="none">> • Reply to sender<br clear="none">> <mailto:<a shape="rect" ymailto="mailto:kensrobots@gmail.com" href="mailto:kensrobots@gmail.com">kensrobots@gmail.com</a>?subject=Re%3A%20PiTunnel> • Reply to<br clear="none">> group<br clear="none">> <mailto:<a shape="rect" ymailto="mailto:trianglerobotics@yahoogroups.com" href="mailto:trianglerobotics@yahoogroups.com">trianglerobotics@yahoogroups.com</a>?subject=Re%3A%20PiTunnel> • Start<br clear="none">> a New Topic<br clear="none">> <<a shape="rect" href="https://groups.yahoo.com/neo/groups/trianglerobotics/conversations/newtopic;_ylc=X3oDMTJlMXY3dTduBF9TAzk3MzU5NzE0BGdycElkAzM3NTYxODEEZ3Jwc3BJZAMxNzA1MTM3MDc4BHNlYwNmdHIEc2xrA250cGMEc3RpbWUDMTUxMjY3NzM1MA--" target="_blank">https://groups.yahoo.com/neo/groups/trianglerobotics/conversations/newtopic;_ylc=X3oDMTJlMXY3dTduBF9TAzk3MzU5NzE0BGdycElkAzM3NTYxODEEZ3Jwc3BJZAMxNzA1MTM3MDc4BHNlYwNmdHIEc2xrA250cGMEc3RpbWUDMTUxMjY3NzM1MA--</a>><br clear="none">> • Messages in this topic<br clear="none">> <<a shape="rect" href="https://groups.yahoo.com/neo/groups/trianglerobotics/conversations/topics/5440;_ylc=X3oDMTM0MzMzdTNsBF9TAzk3MzU5NzE0BGdycElkAzM3NTYxODEEZ3Jwc3BJZAMxNzA1MTM3MDc4BG1zZ0lkAzU0NDAEc2VjA2Z0cgRzbGsDdnRwYwRzdGltZQMxNTEyNjc3MzUwBHRwY0lkAzU0NDA-" target="_blank">https://groups.yahoo.com/neo/groups/trianglerobotics/conversations/topics/5440;_ylc=X3oDMTM0MzMzdTNsBF9TAzk3MzU5NzE0BGdycElkAzM3NTYxODEEZ3Jwc3BJZAMxNzA1MTM3MDc4BG1zZ0lkAzU0NDAEc2VjA2Z0cgRzbGsDdnRwYwRzdGltZQMxNTEyNjc3MzUwBHRwY0lkAzU0NDA-</a>><br clear="none">> (1)<br clear="none">><br clear="none">> ------------------------------------------------------------------------<br clear="none">> Have you tried the highest rated email app? <<a shape="rect" href="https://yho.com/1wwmgg" target="_blank">https://yho.com/1wwmgg</a>><br clear="none">> With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated<br clear="none">> email app on the market. What are you waiting for? Now you can<br clear="none">> access all your inboxes (Gmail, Outlook, AOL and more) in one place.<br clear="none">> Never delete an email again with 1000GB of free cloud storage.<br clear="none">> ------------------------------------------------------------------------<br clear="none">> Visit Your Group<br clear="none">> <<a shape="rect" href="https://groups.yahoo.com/neo/groups/trianglerobotics/info;_ylc=X3oDMTJlZHBxazY4BF9TAzk3MzU5NzE0BGdycElkAzM3NTYxODEEZ3Jwc3BJZAMxNzA1MTM3MDc4BHNlYwN2dGwEc2xrA3ZnaHAEc3RpbWUDMTUxMjY3NzM1MA--" target="_blank">https://groups.yahoo.com/neo/groups/trianglerobotics/info;_ylc=X3oDMTJlZHBxazY4BF9TAzk3MzU5NzE0BGdycElkAzM3NTYxODEEZ3Jwc3BJZAMxNzA1MTM3MDc4BHNlYwN2dGwEc2xrA3ZnaHAEc3RpbWUDMTUxMjY3NzM1MA--</a>><br clear="none">><br clear="none">><br clear="none">> Yahoo! Groups<br clear="none">> <<a shape="rect" href="https://groups.yahoo.com/neo;_ylc=X3oDMTJkZjZxOWNzBF9TAzk3NDc2NTkwBGdycElkAzM3NTYxODEEZ3Jwc3BJZAMxNzA1MTM3MDc4BHNlYwNmdHIEc2xrA2dmcARzdGltZQMxNTEyNjc3MzUw" target="_blank">https://groups.yahoo.com/neo;_ylc=X3oDMTJkZjZxOWNzBF9TAzk3NDc2NTkwBGdycElkAzM3NTYxODEEZ3Jwc3BJZAMxNzA1MTM3MDc4BHNlYwNmdHIEc2xrA2dmcARzdGltZQMxNTEyNjc3MzUw</a>><br clear="none">><br clear="none">> • Privacy<br clear="none">> <<a shape="rect" href="https://info.yahoo.com/privacy/us/yahoo/groups/details.html" target="_blank">https://info.yahoo.com/privacy/us/yahoo/groups/details.html</a>> •<br clear="none">> Unsubscribe<br clear="none">> <mailto:<a shape="rect" ymailto="mailto:trianglerobotics-unsubscribe@yahoogroups.com" href="mailto:trianglerobotics-unsubscribe@yahoogroups.com">trianglerobotics-unsubscribe@yahoogroups.com</a>?subject=Unsubscribe><br clear="none">> • Terms of Use <<a shape="rect" href="https://info.yahoo.com/legal/us/yahoo/utos/terms/" target="_blank">https://info.yahoo.com/legal/us/yahoo/utos/terms/</a>><br clear="none">><br clear="none">> .<br clear="none">><br clear="none">> __,_._,___<br clear="none">><br clear="none">><br clear="none">><br clear="none">><br clear="none">> --<br clear="none">> -------------------------------------------------------------------------------<br clear="none">> Carl J. Nobile (Software Engineer)<br clear="none">> <a shape="rect" ymailto="mailto:carl.nobile@gmail.com" href="mailto:carl.nobile@gmail.com">carl.nobile@gmail.com</a> <mailto:<a shape="rect" ymailto="mailto:carl.nobile@gmail.com" href="mailto:carl.nobile@gmail.com">carl.nobile@gmail.com</a>><br clear="none">> -------------------------------------------------------------------------------<br clear="none">> _______________________________________________<br clear="none">> Triangle, NC Embedded Computing mailing list<br clear="none">> <a shape="rect" ymailto="mailto:TriEmbed@triembed.org" href="mailto:TriEmbed@triembed.org">TriEmbed@triembed.org</a> <mailto:<a shape="rect" ymailto="mailto:TriEmbed@triembed.org" href="mailto:TriEmbed@triembed.org">TriEmbed@triembed.org</a>><br clear="none">> <a shape="rect" href="http://mail.triembed.org/mailman/listinfo/triembed_triembed.org" target="_blank">http://mail.triembed.org/mailman/listinfo/triembed_triembed.org</a><br clear="none">> TriEmbed web site: <a shape="rect" href="http://TriEmbed.org" target="_blank">http://TriEmbed.org</a><div class="yqt3721955562" id="yqtfd53220"><br clear="none">><br clear="none">><br clear="none">> _______________________________________________<br clear="none">> Triangle, NC Embedded Computing mailing list<br clear="none">> <a shape="rect" ymailto="mailto:TriEmbed@triembed.org" href="mailto:TriEmbed@triembed.org">TriEmbed@triembed.org</a><br clear="none">> <a shape="rect" href="http://mail.triembed.org/mailman/listinfo/triembed_triembed.org" target="_blank">http://mail.triembed.org/mailman/listinfo/triembed_triembed.org</a><br clear="none">> TriEmbed web site: <a shape="rect" href="http://TriEmbed.org" target="_blank">http://TriEmbed.org</a><br clear="none">><br clear="none"><br clear="none"><br clear="none">_______________________________________________<br clear="none">Triangle, NC Embedded Computing mailing list<br clear="none"><a shape="rect" ymailto="mailto:TriEmbed@triembed.org" href="mailto:TriEmbed@triembed.org">TriEmbed@triembed.org</a><br clear="none"><a shape="rect" href="http://mail.triembed.org/mailman/listinfo/triembed_triembed.org" target="_blank">http://mail.triembed.org/mailman/listinfo/triembed_triembed.org</a><br clear="none">TriEmbed web site: <a shape="rect" href="http://TriEmbed.org" target="_blank">http://TriEmbed.org</a></div></div></div>
</div>
</div></div></body></html>