14 Nov
2005
14 Nov
'05
14:57
Ralf Ronneburger wrote:
piet wrote:
Good morning group,
I want to access my server(home based SuSE-box) through the Internet so I can upload images with winscp from my XP-laptop. Is it safe to just open port 22 for the external world, or do I need extra safety measures? regards, piet
Hi Piet,
also take a look at scponly and use this as a shell for your upload-user. It locks the remote user into a chroot-environment, so the damage that the remote-user can do is limited.
Greetings,
Ralf
Also do this: 1: Configure tcp wrappers to limit access to only neccessary networks / IP's. 2: Use iptables ( yast2 firewall configurator works fine ) to limit access to only neccessary networks / IP's.