michaelk hit the nail on the head, take a look at my sig for some howto guides for setting up ssh keys.
their is an ongoing debate with port forwarding of known ports for specific services like ssh (port 22) to be moved to a different port external facing. ie: instead of port 22, use port 222 or something like that.
I ran an IPCop firewall for years and looking over the log files, port 22 was constantly hammered by script kiddies and real attackers from China, Iran, Russia, etc... Thankfully iptables has rules to drop full blocks of IP ranges so dropping China and other bad actors was not hard. I do use an alternate port and looking over the logs that port was only tapped, scanned when in use by myself or others how know and have access to my network.
noip.com has a good CLI tools that can run as a service on your system if you trust it, i have done this from time to time, but also as mentioned I no longer need it as my IP has not rolled in over 3 years.
|