Ubuntu server remote file access

Hal Burgiss hal at burgiss.net
Sat Sep 28 13:59:27 UTC 2013


On Sat, Sep 28, 2013 at 8:37 AM, David Fletcher <dave at thefletchers.net>
wrote:
 On Sat, 2013-09-28 at 06:18 -0400, Paul Cartwright wrote:
> On 09/27/2013 04:30 PM, compdoc wrote:
> > Either way, a VPN is preferred, IMO.
> I use a VPN at work, but I'm not sure which one to install or how to set
> it up for me. I have a router at home, and if I go on vacation I'd like
> to be able to VPN in to my ubuntu box..
> suggestions??
>

Paul,

I'm now using Caja (I'm running Mint with Mate) to browse my home folder
on my server from about 30 miles away at a friend's house.

I'm using ssh not VPN because it seems it is secure with the correct
precautions and I'm still not sure if VPN only connects two fixed
networks together or not. Anyway, this is what I've now done:-

1)
You (and everybody else who needs to ssh or sshfs into your server) need
to run ssh-keygen if you haven't already, to create your private +
public key pair.

2)
Everybody now needs to copy (or append) the contents of
~/.ssh/id_rsa.pub on the machine on which they just generated the keys
to ~/.ssh/authorized_keys on the remote machine.

3)
Check that everybody can now ssh into the remote machine without a
password being requested.

4)
On the remote machine, disable password logins by
editing /etc/ssh/sshd_config and changing (on my Ubuntu 10.04 server)
the lines

# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes

to

# Change to no to disable tunnelled clear text passwords
PasswordAuthentication no

and then do something like
sudo /etc/init.d/ssh restart

5)
On your router, log in as admin and find the page that lets you set up
port forwarding. Add a line that forwards port 22 to the server. As
others have pointed out, if you want to be super paranoid, you can again
edit /etc/ssh/sshd_config and change the port number. I've not tried
this but I don't anticipate having a squadron of super attractive female
stunt pilots flying over my house dispensing anaesthetic gas from Piper
Cubs!

6)
That's it. You should now be able to log in and use your file server
from anywhere in the world. Note that I use a no-ip URL that I set up
because I only have a consumer type dynamic IP connection.

Any criticisms from those more knowledgeable than me gratefully
accepted.

OP



--
ubuntu-users mailing list
ubuntu-users at lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20130928/eaba6523/attachment.html>


More information about the ubuntu-users mailing list