cgriffin
MEPIS Rules!
Joined: Sun Mar 27, 2011 9:59 pm Posts: 215 Has thanked: 50 times Have thanks: 8 times
|
Post # 299524
 Re: VPN Solutions [Solved]
_________________ -- Chris Griffin
|
| Sat May 05, 2012 8:08 am |
|
 |
|
GoManutd
MEPIS Guide
Joined: Mon Jun 30, 2008 8:06 pm Posts: 2906 Has thanked: 48 times Have thanks: 368 times
|
Post # 299526
 Re: VPN Solutions
btw, the proxying capability that SSH and port forwarding allows works VERY well.
you can also do remote desktop stuff over SSH and it works, but most ISPs throttle your upload bandwidth so you'll need to take care how much graphical data you're pushing to your remote location. compression would help this too.
|
| Sat May 05, 2012 8:37 am |
|
 |
|
cgriffin
MEPIS Rules!
Joined: Sun Mar 27, 2011 9:59 pm Posts: 215 Has thanked: 50 times Have thanks: 8 times
|
Post # 299528
 Re: VPN Solutions
I believe that tightvnc, which is in the repos, supports compression. I might have to up my bandwidth...
I've seen a few pages that describe different kinds of port forwarding. Specifically, the link mentioned above ( https://help.ubuntu.com/community/SSH/O ... Forwarding) notes that there is local port forwarding, remote port forwarding and dynamic port forwarding. It's all a bit foggy to me still, but I think I'd just need to do local port forwarding...no?
Thanks, Chris
_________________ -- Chris Griffin
|
| Sat May 05, 2012 11:01 am |
|
 |
|
GoManutd
MEPIS Guide
Joined: Mon Jun 30, 2008 8:06 pm Posts: 2906 Has thanked: 48 times Have thanks: 368 times
|
Post # 299529
 Re: VPN Solutions
you'll want to find some dynamic dns solution that allows you to assign a hostname to your router's DHCP address - dyndns was a way to do this, but think they've since stopped taking new members. depending on your router software, there's client software that is used to automatically periodically check the IP and update the record. you really need this because your router/modem IP is not guaranteed unless you've paid for a static IP.
you're not going to want to use dynamic port forwarding because you need to set up your router so it can forward inbound traffic on a particular port, to a particular host. so, SSH is typically port 22 and would be forwarded to port 22 on your home machine - it's strongly suggested to use an alternative port, one that is outside of the assigned IANA ports. so, for instance traffic to port 22222 would forward to port 22. it's a security measure aimed at reducing brute force attacks.
btw, if you are going to do this make sure you INSTALL fail2ban. not only does it automatically ban (either permanently, or temporarily depending on how you config it) IPs that it deems to be attacking your system.
there are a couple of good sets of instructions on how to use SSH for port forwarding:
for linux, http://www.debianadmin.com/howto-use-ss ... rding.html
for windows, http://www.dotcomunderground.com/blogs/ ... o-hide-ip/
do you use dd-wrt or some other open source router firmware? there are plenty of howtos on setting up your router for port forwarding, and also on how to properly secure your SSH server setup
|
| Sat May 05, 2012 11:37 am |
|
 |
|
cgriffin
MEPIS Rules!
Joined: Sun Mar 27, 2011 9:59 pm Posts: 215 Has thanked: 50 times Have thanks: 8 times
|
Post # 299530
 Re: VPN Solutions
GoManutd wrote: you'll want to find some dynamic dns solution that allows you to assign a hostname to your router's DHCP address - dyndns was a way to do this, but think they've since stopped taking new members. depending on your router software, there's client software that is used to automatically periodically check the IP and update the record. you really need this because your router/modem IP is not guaranteed unless you've paid for a static IP. you're not going to want to use dynamic port forwarding because you need to set up your router so it can forward inbound traffic on a particular port, to a particular host. so, SSH is typically port 22 and would be forwarded to port 22 on your home machine - it's strongly suggested to use an alternative port, one that is outside of the assigned IANA ports. so, for instance traffic to port 22222 would forward to port 22. it's a security measure aimed at reducing brute force attacks. btw, if you are going to do this make sure you INSTALL fail2ban. not only does it automatically ban (either permanently, or temporarily depending on how you config it) IPs that it deems to be attacking your system. there are a couple of good sets of instructions on how to use SSH for port forwarding: for linux, http://www.debianadmin.com/howto-use-ss ... rding.html for windows, http://www.dotcomunderground.com/blogs/ ... o-hide-ip/ do you use dd-wrt or some other open source router firmware? there are plenty of howtos on setting up your router for port forwarding, and also on how to properly secure your SSH server setup
Thanks for all of those pointers. fail2ban is on my list to do. I have DD-WRT on a buffalo AirStation. I've had trouble getting the port forwarding to work, but I think that it's an issue with something called a "loopback". I have some bookmarks for sites that talk about the solution.
Best, Chris
_________________ -- Chris Griffin
|
| Sat May 05, 2012 11:45 am |
|
 |
|
GoManutd
MEPIS Guide
Joined: Mon Jun 30, 2008 8:06 pm Posts: 2906 Has thanked: 48 times Have thanks: 368 times
|
Post # 299531
 Re: VPN Solutions
this option works with dd-wrt. it takes a bit to get things set up, but i've had it working in the past.
also, plenty of the free dyndns options also work with dd-wrt.
|
| Sat May 05, 2012 11:50 am |
|
 |
|
Adrian
MEPIS Enthusiast
Joined: Wed Jul 12, 2006 1:42 am Posts: 3544 Has thanked: 181 times Have thanks: 297 times
|
Post # 299532
 Re: VPN Solutions
For remote desktop access I've always recommended NX from Nomachine. When I needed remote access that worked perfectly, it was easy to set up and it beat in performance any other VNC solution that I tried.
_________________ Nobody is born with knowledge, knowledge comes from manuals and Google (and our beloved Wiki)
|
| Sat May 05, 2012 11:52 am |
|
 |
|
GoManutd
MEPIS Guide
Joined: Mon Jun 30, 2008 8:06 pm Posts: 2906 Has thanked: 48 times Have thanks: 368 times
|
Post # 299533
 Re: VPN Solutions
i've used NX for remote desktop access, too. it works well and provides a number of options to improve response times.
|
| Sat May 05, 2012 11:55 am |
|
 |
|
kumar
MEPIS Rules!
Joined: Thu Aug 17, 2006 9:06 pm Posts: 135 Has thanked: 9 times Have thanks: 14 times
|
Post # 299766
 Re: VPN Solutions
Sorry I'm late to the discussion, but I regularly use NX for remote access of my home computer while travelling. It defaults to a secure connection. I've also set up fail2ban. As an additional precaution, I close the ports on my router when I don't plan on travelling for a while.
Another option is Team Viewer (in the repositories). I've experimented around with it some, and I remember it being easier to set up. However I think it uses their servers to make connections similar to other services. I just prefer not having to rely on the security (or trustworthiness) of a 3rd party.
|
| Fri May 11, 2012 6:07 pm |
|
 |
|
cgriffin
MEPIS Rules!
Joined: Sun Mar 27, 2011 9:59 pm Posts: 215 Has thanked: 50 times Have thanks: 8 times
|
Post # 299776
 Re: VPN Solutions
Yep, that's why I'm staying away from Hamachi. NX is not open source, that's my only beef with it. But it is peer to peer, and works over SSH, so I don't see how it could really be doing anything too nefarious...
_________________ -- Chris Griffin
|
| Fri May 11, 2012 10:10 pm |
|
|