Finally – after all these years – getting around to turning some of my choicest posts here into LQ "blog posts."

(Hey, if I'm gonna become famous, I'd better get started ...)

Here's the Link ...

This post is addressed to "all of you folks who innocently deployed an Internet-facing server and who just-as-innocently hoped to use 'ssh, alone' to control access to it," and who are now being buried with "script-kiddies" who are trying to guess your passwords ... hundreds of times per second.

This post suggests how you can not only "stop them in their tracks," but actually disappear, completely(!) ... ... from their infernal Radar!

Just by implementing an idea that you use every day at work (while trying to hold your briefcase and your Starbucks® at the same time).

... and (oh yeah) another idea borrowed from the Dr. J R R Tolkein's Dwarf-Kings.

Enjoy™!

Nicely written! Bravo.

From someone who has never set up a public-facing server (so excuse the naive question), how would you technically change between using ssh and openvpn if you're actually logged in to the system at the time using the ssh link provided by the server host? Would it not be like sawing off the branch you're sitting on?

Very nicely done!

I have a draft-project-in-progress blog post and learning experience myself, all about the benefits of using your LQ blog and how that use should complement, but not compete with LQ forum posts...

I think I just found another useful example to cite!

One comment: As you add new and useful blog posts, use categorization to organize them! I have found very little use of the blog categorization feature making the job of sifting other's blog posts an obscure task!

More! More!

From your description, it rather sounds to me like you are presuming a "shared hosting" scenario, where you are merely "buying time" on someone else's Linux box and you have no control over the actual machine. (All that you have is, as you say, "a SSH-link provided by the server host.") This is not my scenario.

("If you live in your own house, out in the country, you can put that new outhouse anywhere you please." However, "if you live in the city, you must poop where they let you!")

My scenario presumes that you are using a virtual machine, or a group of "containers," which is therefore entirely under your control.

Some shared-hosting companies are far-sighted enough to offer OpenVPN, but not too many. (Yet, why on earth are you using "shared hosting," anyway?)

1 members found this post helpful.