Announcement

Collapse
No announcement yet.

Where can I find an secure / SSH setup and configure document?

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Where can I find an secure / SSH setup and configure document?

    Can someone provide information on a document or steps, on how I can configure ssh for my HS login.

    I understand that passwords are visable plain text by default unless I set up a encrypted port 443 / ssh point of access? Is that correct?

    Please guide me on how I can have a HS on the internet that is "most secure" to access. It seems that unless I limit the source IP address, the "from IP" that can connect to my home HS, I will always get port scans that see a secure port that is open ... but hopefully not accepting or effected by internet bombardments and scans.

    Thanks in advance?

    Richard
    HS3 Standard Edition 3.0.0.258
    Tags: None
    #2
    I have been using this ssl cert technique for several years

    http://forums.homeseer.com/showthread.php?t=108130
    Over The Hill
    What Hill?
    Where?
    When?
    I Don't Remember Any Hill

    Virtualized Server 2k3 Ent X86 Guest on VMWare ESXi 4.1 with 3 SunRay thin clients as access points - HSPro 2.4.0.48 - ZTroller - ACRF2 (3 WGL 800's) - iAutomate RFID - Ledam - MLHSPlugin - Ultra1wire - RainRelay8 - TI103 - Ultramon - WAF-AB8SS - jvESS (11 zones) - Bitwise Controls BC4 - with 745 Total Devices - 550 Events - 104 scripts - 78 ZWave devices - 42 X10 devices - 76 DS10a's 3 RFXSenors and 32 Motion Sensors

    Comment

      #3
      Secure HTTP (HTTPS) and SSH are not the same, but I think that you meant to write HTTPS - SSH (Secure Shell) is for terminal logins.

      Keep in mind that having a secure server will NOT reduce the attempts to access the system if you are getting port scans. The port scans happen because frequently used port numbers are where your web server lives - e.g. 80, 8088, 443. So, when you set up your web server, I suggest using non-standard port numbers. It makes it harder to remember to add the port number at the end of the host name, but it will keep your system safer.

      I also suggest that if security is a concern, then besides using the secure web server, that you also set up your firewall so that your regular web server (which can be at port 80 to make it easier) not be allowed through - you would be surprised how often somebody sets up the secure server but then allows both to be accessed from outside the home!

      Also, in the release of HomeSeer we are about to put out (2.3.0.0) we have a new feature that monitors for port scans - e.g. several log in attempts that fail in a short time - and we disable all access from that IP address for 30 minutes. To the port scanner it is as if the machine just disappeared, so they stop their scan.
      Regards,

      Rick Tinker (a.k.a. "Tink")

      Comment

        #4
        ssl server keys

        Great, I downloaded and followed the instructions. straight ahead.

        Now I need to enable the web server on a port

        - Enable SSL Secure Server: "YES"


        and the SSL password to enable this login process?

        - SSL Server Certificate Password:- "one I created "

        that is all ?



        Does the local no login still function or is it an either / or selection ?

        Final Steps ?|

        Thanks
        HS3 Standard Edition 3.0.0.258

        Comment

          #5
          re-question

          Is this correct?


          Now I need to enable the web server on a port

          - Enable SSL Secure Server: "YES"

          and add the SSL password to enable this login process?

          - SSL Server Certificate Password:- "one I created "



          that is all ?



          Does the local no login still function or is it an either / or selection ?

          Final Steps ?

          Thanks
          HS3 Standard Edition 3.0.0.258

          Comment

            #6
            I believe so, if I remember correctly
            Over The Hill
            What Hill?
            Where?
            When?
            I Don't Remember Any Hill

            Virtualized Server 2k3 Ent X86 Guest on VMWare ESXi 4.1 with 3 SunRay thin clients as access points - HSPro 2.4.0.48 - ZTroller - ACRF2 (3 WGL 800's) - iAutomate RFID - Ledam - MLHSPlugin - Ultra1wire - RainRelay8 - TI103 - Ultramon - WAF-AB8SS - jvESS (11 zones) - Bitwise Controls BC4 - with 745 Total Devices - 550 Events - 104 scripts - 78 ZWave devices - 42 X10 devices - 76 DS10a's 3 RFXSenors and 32 Motion Sensors

            Comment

            Previous template Next
            Working...
            X