[NBLUG/talk] Home Linux Server

Nat W. calvin166 at pseudoweb.net
Wed Dec 13 17:04:04 PST 2006


Thanks walter and frank, these are great places to start, I think I'll
definitely use only ssh.

In terms of domain hosting, my domain is hosted at nydomain.com, which
claims to have free dns management, which I assume is what I need? How would
I link lets say http://ssh.natwelch.com to my ssh server? Or is this
something that is different dependant by host?

/Nat 
-----Original Message-----
From: talk-bounces at nblug.org [mailto:talk-bounces at nblug.org] On Behalf Of E
Frank Ball
Sent: Wednesday, December 13, 2006 4:40 PM
To: General NBLUG chatter about anything Linux, answers to questions,etc.
Subject: Re: [NBLUG/talk] Home Linux Server

On Wed, Dec 13, 2006 at 04:01:06PM -0800, Nat W. wrote:
 > 
 > So I figured I would install Linux on this server, set up a samba share,
all
 > no problem. But here comes the difficult part, and something I could not
 > find any answers to. 
 > 
 > You see, I am a college student, and the server is behind a Linksys
router
 > around 250 miles away. So my issue is, what is the best way to set up the
 > server so I can ssh / ftp into it. (ftp is so my dad can use it from
work).
 > What do I need to change so I can access this server from the internet? I
 > assume I'll need to open some ports on the router and forward them to the
 > server and then I need something to deal with the dynamic ip, I've heard
 > this is possible, but never really found a good answer or implemented it.
I
 > own a domain I could hook up to it, if someone wants to suggest how to go
 > about that.
 > 
 > Finally, Is this legal? I guess this should really be the first question
I
 > should ask, but where would I find out whether or not I can even put my
 > server on the net?

Legal?  Sure, but running "servers" may be a violation of your contract
with your ISP.  I doubt that anyone will object to an ssh server, but
mail or webservers may not be OK.  (one more reason to use Sonic.net,
they don't mind servers at all).  I've had my linux server on my ADSL
online for years.

There are a lot of portscans for ssh servers, so caution is advised.
Requiring ssh key pairs to login is an excellent preventitive meausure.
Moving ssh to a non-standard port number to hide it has proven effective
on my machine.  You can also restrict access further in
/etc/ssh/sshd_config by limiting logins to restricted login/IP ranges.

I strongly suggest NOT running an ftp server.  ftp delivers the password
in the clear where it can be sniffed, then you can be hacked.  Teach
your dad how to install "putty" and use sftp or scp (part of the ssh
package).

There are DNS places that deal with dynamic IPs, but I've never done it.
ZoneEdit is good:  http://zoneedit.com/doc/dynamic.html?

Where is your domain name registered?  Do they offer free DNS?
You might want to setup this machine as a subdomain on your domain name.

-- 

   E Frank Ball                frankb at frankb.us

_______________________________________________
talk mailing list
talk at nblug.org
http://nblug.org/cgi-bin/mailman/listinfo/talk




More information about the talk mailing list