this post was submitted on 14 Jun 2023
13 points (100.0% liked)

Selfhosted

573 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Resources:

> Any issues on the community? Report it using the report flag.

> Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hey all! For the longest time I've had a server that hosts some things (eg Syncthing), but is only available via SSH tunneling.

I've been thinking of self-hosting more things like Nextcloud and Vaultwarden. I can keep my SSH tunneling setup but it might make it difficult to do SSL.

How do you manage the security of having public-facing servers?

you are viewing a single comment's thread
view the rest of the comments
[–] njinx@lemmy.world 8 points 1 year ago (3 children)

Why not use a proper VPN instead of SSH tunnels?

[–] wispydust517@lemmy.world 5 points 1 year ago (2 children)

Mostly a convenience thing, since I only need it on-demand and I usually use SSH for things anyway. As this post suggests I'm obviously rethinking that now :)

[–] njinx@lemmy.world 4 points 1 year ago* (last edited 1 year ago) (1 children)

A VPN you could use on your phone, computer, laptop, tablet, TV, Samsung SmartFridge, etc. I'll admit it's a bit more involved than ssh -L ... but it's well worth it. Especially if you're the only one using it. After setting up Wireguard I've elimated all my router port forwards except SSH and WG

[–] wispydust517@lemmy.world 1 points 1 year ago

Thanks for the tip! Tailscale was so easy to get into and is worth it like you said.