Subj : Re: SSH or no? (was: Nightmares / Dreams)
To   : Andre
From : 2twisty
Date : Thu Mar 31 2022 17:49:38

 An> On unix it's like a five minute job if you've never done it before,
 An> including the web search for how to do it. Super easy.

Been thinking about this: 

1) Having the well-known ports open (22/23) is more of a risk for portscan/DDOS than obfuscated ports.  Not that 2222 and 2323 aren't OBVIOUS alternatives...

2) instead of moving sshd on the internal network, just port forward 22 and 23 to 2222 and 2323 respectively in the firewall.  That way when you are internal you can still just ssh user@bbs.contoso.com for admin purposes, and set your terminal software inside the network to 2222/2323.  Leave 2222 and 2323 forwarded as well so if you take your laptop outside your network, you don't have to mod your terminal settings.  This would keep your linux server more "standard" on the inside of your network. If I *needed* to access the terminal from outside, I have other means (VPN, TeamViewer to internal host, etc) to get to that terminal from outside the network.

I'm gonna change that country file and then do #2.

--- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
 * Origin: The Ratrace Losers (21:3/166)

.