On 17/03/2021 19.42, Gustav Degreef wrote:
Hello,
I read with great interest the entire recent thread "Possible malware?" and tried to make sure that I set my firewall (firewalld) to block all ssh connections from outside my home LAN. My ISP provides access via cable modem and I set up my own router.
There are 3-4 laptops running opensuse 15.x (and 2 android phones) on my home network (adresses configured with DHCP) and I log in periodically via ssh (as user, not root) to the other computers to fix various issues.
Via the yast2 firewall configuration I set only the "public", "internal" and "home" zones to have ssh as an allowed service. The "external" and other zones do not have ssh allowed.
Why that many zones? You need only one per network interface.
I read quite a few articles on the firewall configuration, but I am not sure that I set it right. Is there anything else I should do? Thanks, Gustav.
I'm confused. - Do you need access via ssh from Internet? - your router, what does it run? Is it a computer acting as router and running openSUSE, or is it a normal, purchased router, or provided by your ISP? -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)