Any disadvantages of shared secret keys (openvpn)
Newbie here dealing with network security (!). I have an ftp/sshd/NX server that I need to access from the internet.
Originally, I accessed my server via ssh and ftp using passwords. I routinely closed these ports remotely via hardware firewall when I didn't need them. The firewall has an https web server (password protected) that is always accessible from the internet. So... I always had at least one port open on the network (firewall's web interface) and sometimes two (sshd) or three (ftpd).
Recently, I added a vpn utilizing shared-secret-keys (no passwords=no brute force attacks), and now can close off ports 21 and 22 to the outside. I think that I can even close the firewall's web interface to the outside too, right? Instead of 2 or 3 open ports I'll have one - which won't be susceptible to brute force attacks. Plus, I can still use all the above services once I'm connected to the vpn.
Aside from the threat of a stolen laptop with the shared-secret-key, am I right in thinking that my new setup is more secure? Am I getting a free lunch?
Thanks for any input.