remote accessing linux system

Question

I would like to access my Linux system's command shell remotely.

The system runs at home behind a router which connects it to the internet. I was thinking I could forward a port on the router to the IP address of the Linux system, so I can use any SSH client to connect to my home IP address and will be forwarded to the computer.

Now, I´m fairly new to Linux, so please excuse me if I ask any obvious questions.

So is this a sensible idea? What do I have to do to make this solution safe? I can see I have tons of users which I didn't create myself, will they have default passwords which could by abused to access my system? How can I check for this? Should I use another approach all together?

How to harden an SSH server: most importantly, don't allow password authentication (use keys instead) and don't allow root login — steeldriver, Dec 02 '15 at 13:16

score 0 · Answer 1 · answered Dec 02 '15 at 13:15

You just have to forward port 22 (default) from your router to the computer's IP address (make sure it is static).

Ideally set up iptables firewall rules - this is a big job.

Also learn about ssh and ssh hardening (you will want to use keys and not passwords).

I wouldn't worry about the additional users unless you added any yourself. They are there for other services/daemons. Also check your sudoers file to see who has root permissions etc.

score 0 · Answer 2 · answered Dec 02 '15 at 13:22

Setting up SSH access is a normal security risk for servers.

You will need to setup dynamic DNS (DDNS) unless you have a static IP address. Most residential customers have addresses that change periodically, and you need some way to advertise to the outside world when your address changes. Some routers have support for this out of the box, but otherwise you can setup a DDNS client on your server.

See steeldriver's link on hardening SSH.

remote accessing linux system

2 Answers2