NB: Question at end. Althea Shaheen via WLUG <wlug@lists.wlug.org> writes:
since I trust the security of my phone a tad more (but only a tad).
Why am I seeing ^M at the end of line. Somewhere along the pipe something must take responsibility for replacing IBM crlf with Unix \n. No matter; I'll do it myself.
so hoping for WLUG virtually dec 14. -doug
I assume that didn't happen. If it did, sorry I missed it.
I also want to setup a Wireguard tunnel between home and my VPS in the cloud to make backups easier and simple.
For a short time I thought I might need a VPN to simulate the home-internal network I used to have http://www.free-comp-shop.com/none/wireless.html#diagram I got the wireguard white paper and decided, no. Don't need encryption; no real secrets here.
I run pi-hole at home to block ads network wide,
Don't need ad blocking, don't know what's a pi-hole. Sounds Rude. I was watching the /var/log/auth.log on fcx1, my cloudy-VPN, as fools tried to guess passwords for users that don't even exist. No worries, they can't even guess user names, my passwd is good. Then I saw the same IP try to guess a password for root, over and over. Oh oh. I forgot that one. They guessed a login id. Enough! I remembered Tim talking about using fail to ban. I don't know anything about it but I guessed how to spell it and apt-get install fail2ban It is more configuration than I expected, but I'll figure it out. I thought, no hurry, there is zero chance of guessing the root password because you can't log in as root over ssh. Just to be sure I "su -" on the laptop and "ssh fcx1". To my horror it let me log on as root (with password, of course). I thought that was blocked by deep world-wide default! I don't remember why I thought that. Maybe it was a decade ago and on a different distribution. I am using Debian. Does anyone know a quick and easy way to make it so? I want to be able to "su -" after I log in, but I can see no excuse for ssh to let a root log in directly.
This is why everyone should train their mother to offer a secure ISP/VPN service. "Mom's VPN: Do you trust your Mom?" md
With my life? Yes. With a computer? No! -- Keith PS: Seven copies of WLUG mailing list -- wlug@lists.wlug.org -- deleted. You will have to make do with this one: