May 17, 2009

A secure remote folder share while traveling

Task, provide secure access to your home fileserver via Internet.

Instructions are geared for Debs...Ubuntu/Debian based systems.

Task: Set up a file repository on your home webserver, so that you can access your files anytime you are out connected to a hotspot, coffeeshop or through tethered your ATT phone via bluetooth* (*see my other blog for how to do this one)

Add ssh to your webserver, apt-get install sshd

Harden SSH so that it is more secure, 1. change the default port, 2. disallow root access.  3.  specify only needed users.

1.. For security reasons, we move ssh from port 22 to something higher 10022 for example.. (network scanners are less likely to find you and attempt to break in via brute force username/password attack)

You do this by modifying /etc/ssh/sshd_config and change the statement "port 22" to a port number above 1024 and below 65535,       port 10022

2..  then change "PermitRootLogin yes" to "PermitRootLogin no"

3.. Then add a statement that restrictrs who can login, keep it minimal like this: AllowUsers foo1 foo2

Restart ssh like this:   sudo /etc/init.d/ssh restart


now, test your login by attempting to log in ssh as root...should be denied, then try your login name that you spec'd up above in #3

works?   good, so far so good...

Now move along to your laptop, Eee machine, or whatever you carry around with you...  On Ubuntu, go to "places" then "connect to server", then select SSH from the service type pull down menu.  In the Server box, type in your webserver's IP address, in the PORT box put in whatever you used in   #1 above.

Username will be your user name that you allowed in #3 above.

Then when you hit connect, it will prompt for a password, which you enter, and then choose to "remember it forever".

Once this is done your "remote" folder will show up in your file browser, to pull files from your home server as needed to your remote device.




Click Here!