Any good guides on setting up a homeserver?
I'd want:
SSH login via keys only
VNC over SSH
Fail2Ban and similar
BTSync
Other /g/approved items
Do you have your machine running?
We can guide you.
>>46736352
yeah ummm get a decent chair and a decent desk
>>46736376
Machine is running Debian. VNC access is setup, but not via SSH.
>>46736395
You can literally find all of that in Google.
Or in man pages.
Running my own box for that reason.
Throw a copy of FreeNAS onto it and it works like a charm!
>>46736352
>VNC over SSH
juse use NX
>>46736710
I don't want to use FreeNAS as I want to do more than just NAS on it.
>>46736395
>vnc
For a server you want something without a GUI if possible. Increases security.
Set
PasswordAuthentication no
in your SSHD config
If it's for your home server don't bother using private keys with SSH
Just use a secure password and you'll be fine
>>46736792
fuck you
>>46736352
Why would you want GUI on a server? Wjat graphical applications will you be using?
>>46736788
The server will also have a use as allowing me to remotely use it, with something like a Raspberry Pi as a thin-client. These will be virtual machines that it actually uses as the GUI but for now, whilst I'm setting up, I will want to keep GUI going.
I will be using SSH keys only, but want to be careful to set it up correctly.
>>46736792
I would like to have some remote access, so will go for maximum security.
>>46736850
See top part of reply.
>>46736850
>fuck you
Give me one good reason how using a secure password is less secure than using a private key
>>46736865
>I would like to have some remote access, so will go for maximum security.
Explain to me how using keys is more secure
>>46736898
Mechanical keyloggers.
Yes, it happens.
>>46736898
Keys are extremely difficult to brute force.
To make a password in equal strength to keys, the password would have to be something like 300 characters long, utilising characters, numbers and punctuation characters
>>46736910
yeah, they happen if you don't own the hardware, or don't supervise it properly
if someone has enough access to the hardware you're using, to install a keylogger, then they can just as easily get your private keys
>>46736910
You cannot possibly be serious
>>46736914
So you go from being able to bruteforce it in thousands of years to hundreds by using a password
>lose key
>cant access server anymore
Bad idea
>>46736943
OK, you can keep arguing it. As it'll be internet facing for some aspects, I'm going to go with keys.
>>46736962
>Lose key
>Plug in server to screen and fix
>>46736352
>key only
Dumb idea, do two-factor authentication with key & password.
>>46736994
You can do both? Awesome, thanks.
So many guides make assumptions of your knowledge on this subject.
>>46736943
Remember, fir someone like NSA it's 5 years instead of 6 months.
You live 4,5 years more thanks to public keys.
>>46736978
>OK, you can keep arguing it. As it'll be internet facing for some aspects, I'm going to go with keys.
It's not going to be any less secure.
>>46737046
>muh NSA bogeyman
>>46737089
>NSA shill confirmed
OP what are you going to be using this server for
>>46737165
It's a low power system, so when I want to just browse the net and tasks that don't actually need my i7, I want to use VNC via an RPi (or actually sit at the machine and use it).
Server tasks it'll run:
BTSync
OpenVPN
torrent client
DLNA and media serving
FTP
Backup location for main PCs
Git/SVN server
Web and Normal programming development area
Plus any others as I come to them.