April 4, 20206 yr First need to state I am a noob. I sometimes need to enable SSH because I use an application called Transmit to connect to my unraid server remotely over SFTP, when I am not on my home network. Initially, not knowing any better I just left SSH enabled on my server, but the plugin "Fix Common Problems" warned SSH was enabled and the port was getting hit thousands of times. Someone was scanning ports and trying to brute force their way in, I kept seeing "wrong password attempt" in my log file from an IP in China. This also started filling up my cache disk with a massive log file. So I disabled SSH (see attached). Now I only enable SSH through the unraid GUI when I need to connect with SFTP, and then I disable it afterwards. Is that the proper way to do this or is there a better way to securely connect over SSH/SFTP and not worry about getting bruteforced? Edited April 4, 20206 yr by cromwell
April 4, 20206 yr The ideal way to access the server (gui / ssh etc) is via a vpn of some sort (wireguard / openvpn). The millisecond after any port is opened on your router, script kiddies will try and access looking to see if they can log in. All quite automatic and scripted to continually scan the internet looking for stuff like this. Opening up a port for Plex et al to communicate via however is OK.
April 4, 20206 yr Author 12 minutes ago, Squid said: The ideal way to access the server (gui / ssh etc) is via a vpn of some sort (wireguard / openvpn). The millisecond after any port is opened on your router, script kiddies will try and access looking to see if they can log in. All quite automatic and scripted to continually scan the internet looking for stuff like this. Opening up a port for Plex et al to communicate via however is OK. I have Binhex Deluge installed which includes a vpn and it has privoxy. Can I do what you're saying with that or do I need to setup wireguard/openvpn separately?
April 4, 20206 yr They are different types of VPNs. Binhex Deluge connects to a commercial VPN provider to hide your Deluge traffic. This discussion is about letting you VPN into your home network to manage your server, commercial VPN is not involved. Unraid has WireGuard support built-in: https://forums.unraid.net/topic/84226-wireguard-quickstart/
Archived
This topic is now archived and is closed to further replies.