[mdlug] Setting up a home network
Joseph C. Bender
jcbender at bendorius.com
Mon Jan 26 09:39:41 EST 2009
Raymond McLaughlin wrote:
>
> I recommend that you pick another port on your router for ssh, a high
> number above 1024, something you can remember (I use my house number).
>
I will second this one, though I usually run *two* inbound ports to the
SSH host (though in my case, SSH is running on the firewall itself).
I usually pick 2222 and 443.
Why 443 (where https usually hangs out), you might ask?
I've found that on many fascist, poorly set up public networks (such as
many hospitals' public wireless networks), one will often have problems
getting outbound access on anything other than TCP/80 (via transparent
proxy) and TCP/443. TCP/443 being encrypted usually, it's opened and
non-proxied. I can SSH out to my home system (and I've got an ssh
instance listening on TCP/443 on one of my co-located servers) and then
SSH tunnel out from there. "ssh -D" which implements a SOCKS proxy is
your friend in situations like that (PuTTY has a similar feature).
-JCB
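
Seen from the network operator's side, SSH on TCP/443 gets through because a filter keyed only on the port number cannot tell it from HTTPS, while the first payload bytes can. The sketch below is an added example, not part of the original message; the function names, addresses and sample payloads are constructed for illustration.

```python
# Added example. Payloads and addresses below are constructed for illustration.
TLS_CLIENT_HELLO = bytes.fromhex("1603010200010001fc0303")  # record hdr + ClientHello start
SAMPLE_FLOWS = [  # (client address, destination port, first payload bytes seen)
    ("192.0.2.10", 443, TLS_CLIENT_HELLO),
    ("192.0.2.11", 443, b"SSH-2.0-OpenSSH_5.1\r\n"),
    ("192.0.2.12", 443, b"GET / HTTP/1.1\r\n"),
    ("192.0.2.13", 2222, b"SSH-2.0-OpenSSH_5.1\r\n"),
]


def classify_first_bytes(payload: bytes) -> str:
    """Classify a connection from its first application-layer bytes."""
    if not payload:
        return "unknown"
    # RFC 4253: each side opens with an identification line "SSH-<proto>-<software>".
    if payload.startswith(b"SSH-"):
        return "ssh"
    # TLS record header: content type 0x16 (handshake), major version 0x03,
    # minor version, 2-byte length; handshake type 0x01/0x02 = Client/ServerHello.
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03:
        record_len = int.from_bytes(payload[3:5], "big")
        if 0 < record_len <= 16384 and payload[5] in (0x01, 0x02):
            return "tls"
    return "other"


def flag_non_tls_on_443(flows):
    """Return (client, protocol) for port-443 flows that do not start a TLS handshake."""
    findings = []
    for client, dport, payload in flows:
        if dport != 443:
            continue  # only the "HTTPS" port is of interest here
        proto = classify_first_bytes(payload)
        if proto != "tls":
            findings.append((client, proto))
    return findings


if __name__ == "__main__":
    for client, proto in flag_non_tls_on_443(SAMPLE_FLOWS):
        print(f"{client}: port 443 carrying {proto}, not TLS")
```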