Subj : Re: Nightmares / Dreams To : McDoob From : 2twisty Date : Thu Mar 31 2022 17:25:35 Mc> That's not a stupid question, and I leave it to more experienced people Mc> than I to answer. However, I am loathe to give anyone core access to my Mc> device, and that's exactly what I use SSH for. (please pardon the snark here) I *AM* one of those "more experienced people" when it comes to SSH and Telnet. I'm no haxx0r g0d or anything close, but I have enough professional experience to know this. OK, I think I understand where you might be a little confused. On my Ubuntu box, I run an ssh server on the standard port of 22. That port is NOT available from the outside. The server on port 22 is the one that gives me shell access to the Ubuntu Server underlying OS. Mystic (mis, actually) runs its OWN server that I set to port 2222. Connecting on port 2222 connects you to the BBS only; it goes nowhere near a shell into the ubuntu box. I then forward port 2222 from the outside to port 2222 on the inside in the firewall. This is exactly the same thing you do when you enable telnet on your BBS and use an alternate port like 2323. I don't run a telnet server on port 23 open to the world for any service of any kind since SSH is more secure, and my SSH server that grants terminal access to Ubuntu is not forwarded. If you really want to be properly secure, you'd set up a VPN endpoint on your router and force users to connect to the VPN first and then telnet/ssh into the BBS. But that is WAY more complicated and still uses the same public/private key encryption that SSH does. --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64) * Origin: The Ratrace Losers (21:3/166) .