Posted: Sun Mar 05, 2017 15:53 Post subject: How can I increase my remote connection security? (Beginner)
Firstly, my setup is rather strange because my ISP router and my own desktop computer are in a different room than my own router using DD-WRT firmware. That way, when I want to configure this router, I have to connect to it using its WAN connection, but I'm still in a LAN network provided by my ISP's router.
(No, my desktop PC doesn't have a wifi adapter nor I want to use one)
Right now, my desktop computer has a permanent IP that is the only one allowed to get remote access to my router. Still, I think it's a pretty low security measure because it isn't even using HTTPS protocol, although at least it doesn't use the default port.
I only have a general idea about what SSH is, and also, that it uses certificates to make the remote connection secure. In addition, I want to run a VPN server in my router (the one using DD-WRT), and it seems that I have to generate certificates too, but I don't know if I can use them to create a SSH connection. By the way, the purpose of creating a VPN server in my router is that when I'm using my laptop away from home and connecting to a public Wifi, I could have a much better security than any other user of the same Wifi, HOWEVER, I don't want to use my laptop to remotely administer my router. The computer intended for that task would be my desktop PC only.
So that's the situation, I want to make my desktop PC the one that has exclusive administration rights, but I don't know how.
One way to do that is setup the dd-wrt router as a wireless Access point so that it has the same network as the ISP router. You may find that it also make it easier for you to setup VPN server later. If you have further question on VPN setup, please post your question on the Advanced Networking sub-forum.
Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Mon Mar 27, 2017 16:53 Post subject: Re: How can I increase my remote connection security? (Begin
Pilum wrote:
I only have a general idea about what SSH is, and also, that it uses certificates to make the remote connection secure. In addition, I want to run a VPN server in my router (the one using DD-WRT), and it seems that I have to generate certificates too, but I don't know if I can use them to create a SSH connection. By the way, the purpose of creating a VPN server in my router is that when I'm using my laptop away from home and connecting to a public Wifi, I could have a much better security than any other user of the same Wifi, HOWEVER, I don't want to use my laptop to remotely administer my router. The computer intended for that task would be my desktop PC only.
Not exactly "certificates", but private and public key authentication.
They should give you some ideas on key authentication. Once you understood that, Google "putty ssh tunnel"! I think SSH tunneling is a limited or restrained version of VPN in my opinion. _________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!