[NBLUG/talk] Home Linux Server

E Frank Ball frankb at frankb.us
Wed Dec 13 16:39:39 PST 2006


On Wed, Dec 13, 2006 at 04:01:06PM -0800, Nat W. wrote:
 > 
 > So I figured I would install Linux on this server, set up a samba share, all
 > no problem. But here comes the difficult part, and something I could not
 > find any answers to. 
 > 
 > You see, I am a college student, and the server is behind a Linksys router
 > around 250 miles away. So my issue is, what is the best way to set up the
 > server so I can ssh / ftp into it. (ftp is so my dad can use it from work).
 > What do I need to change so I can access this server from the internet? I
 > assume I'll need to open some ports on the router and forward them to the
 > server and then I need something to deal with the dynamic ip, I've heard
 > this is possible, but never really found a good answer or implemented it. I
 > own a domain I could hook up to it, if someone wants to suggest how to go
 > about that.
 > 
 > Finally, Is this legal? I guess this should really be the first question I
 > should ask, but where would I find out whether or not I can even put my
 > server on the net?

Legal?  Sure, but running "servers" may be a violation of your contract
with your ISP.  I doubt that anyone will object to an ssh server, but
mail or webservers may not be OK.  (one more reason to use Sonic.net,
they don't mind servers at all).  I've had my linux server on my ADSL
online for years.

There are a lot of portscans for ssh servers, so caution is advised.
Requiring ssh key pairs to login is an excellent preventitive meausure.
Moving ssh to a non-standard port number to hide it has proven effective
on my machine.  You can also restrict access further in
/etc/ssh/sshd_config by limiting logins to restricted login/IP ranges.

I strongly suggest NOT running an ftp server.  ftp delivers the password
in the clear where it can be sniffed, then you can be hacked.  Teach
your dad how to install "putty" and use sftp or scp (part of the ssh
package).

There are DNS places that deal with dynamic IPs, but I've never done it.
ZoneEdit is good:  http://zoneedit.com/doc/dynamic.html?

Where is your domain name registered?  Do they offer free DNS?
You might want to setup this machine as a subdomain on your domain name.

-- 

   E Frank Ball                frankb at frankb.us



More information about the talk mailing list