[mythtv-users] Light ncurses frontend
Karl Newman
newmank1 at asme.org
Wed Mar 5 19:43:19 UTC 2014
On Wed, Mar 5, 2014 at 10:31 AM, Michael T. Dean <mtdean at thirdcontact.com>wrote:
> On 03/05/2014 01:17 PM, Karl Newman wrote:
>
>> I really love the idea of this, but I wish it were incorporated into
>> every SSH client (PuTTY would be awesome). If you want to access your
>> server from a device you don't own/control, it's easier to find a client
>> with SSH installed than to find one with SSH plus SPA/FWKNOP.
>>
>
> BYOC. Assuming you can connect your phone to the network, you can use it
> to issue a request, which will open the port for SSH from the network
> (assuming NAT'ed network). Or, fix the "dumbed down" client app available
> on, e.g. Android, to let you type in an "allow IP" address (rather than
> just selecting one from a drop-down of addresses on the client system),
> then use your phone's client and network to send a request for the
> device/network you don't own/control.
>
> Anyway, my btmp is really happy with fwknop/SPA (and having seen how many
> miscreants are attempting SSH login on systems--even on non-standard
> ports--I feel much better not leaving an SSH port open on my network).
>
> Mike
>
Now that I actually own a real smartphone that may be an option. Up to now
I've been using fail2ban to block IPs based on failed login attempts and it
works reasonably well, but SPA would definitely be an improvement in
security. I do still want public port 80 (and 443) access, though, because
I host my photo gallery. I guess I don't worry too much about the server
getting compromised because it's primarily a myth box anyway, and it's just
TV... I do make nightly backups of the important stuff (photos mainly...).
Karl
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mythtv.org/pipermail/mythtv-users/attachments/20140305/3cc83fe3/attachment.html>
More information about the mythtv-users
mailing list