Answer the question
In order to leave comments, you need to log in
Secure connection from Macbook to home server
Recently I became a happy owner of a macbook, now I’m thinking about how to provide secure access to a non-home Internet (at work, in a cafe, etc.) to a home server (with ubuntu), where many of the necessary files are stored.
The server is connected to a router, it is not a problem to open the necessary server ports. But what's next? Do ssh tunnel from mac to server?
I have never faced such tasks, I hope the community will tell you the fastest, easiest, and most importantly, the safest way to connect. :)
And a follow-up question. What can be done so that when connected to a certain network (in particular, I need to home wi-fi), nfs balls are mounted? And then samba does not want to be displayed in any way :(
Answer the question
In order to leave comments, you need to log in
Regarding accessing remote files: Have
a look at Sparkleshare . It rises very quickly. Represents Dropbox on a knee. That is, the files will be synchronized between your laptop and the server.
Another option is osxfuse+sshfs . With this method, the selected server directory is mounted via ssh connection on your laptop.
Both methods can use key authentication.
I set up a VPN on the router. I connect to it from anywhere and get into my home network.
Time Capsule network connections are detected without problems. SMB also works on it. Even Time Machine makes backups via VPN.
You can look at the WebDAV stonator , even a Yandex disk can be used using this protocol (it has long been common), in principle it is not difficult to raise it.
I use tunnelblick both on proshchka and on the tunnelblick mini, since my big server is in my parents' apartment, everything is fine
raise ssh on ubuntu, put cyberduck on poppy. connect via sftp. forward the ssh port on the router. with a normal password, no one will hack into life, the traffic is encrypted.
second option. on or on the router to raise the l2tp service. on ubuntu nfs. mount as daddies on the desktop.
I support the SSH + SFTP solution as the easiest (in my opinion) and fastest to implement. For additional For protection, I recommend:
1. Change the ssh server port from the default 22 to another (as an option - forward not 22-> 22 on the router, but something_other-> 22)
2. Use port knocking technology so that no one else is hammered. You can read more about this here:
Port knocking or how to protect yourself from ssh brute . Protecting the
system. Or how to configure and use port knocking
PS Several offtopic, because off topic. But, suddenly it will be interesting, because nevertheless a bit of tasks have something in common:
an SSH tunnel home without having to leave your home PC turned on
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question