Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
It's more about gaining access from inside a network that doesn't allow outbound on 22. For the web to work it would need 443 so connecting out on 443 might work
Sure, just don't mistake port switching for actual security.
I think you may be still missing the point because it was never implied that the port change is for security; the security is in disabling password authentication and only accepting key based authentication. The reason I put it on 443 is because it is a port that is usually allowed by firewalls and doesn't get as much attention. So if I am on a network that is blocking access for standard VPN or SSH ports then it might just be enough for me to bypass it. And it's traffic on a port that is going to see a lot of other encrypted traffic going across it, so it looks more natural then just popping some other random ports that could potentially raise an alarm.
I'm not missing any point. It should be clear to people who don't understand security that running a protocol on a different port doesn't mean shit for safety. "Because it doesn't get as much attention" wouldn't mean anything to any enterprise firewall the moment it's not an http header.
You are talking about security when that is not the purpose of it. So yes, you are off on a tangent and missing the point of it.
It is clear, it's clear to everyone, so why did you randomly interject irrelevant information? Because you incorrectly assumed someone thought it had to do with security... but no one here thought it had anything to do with security. Everyone understood it but for you, and you were corrected not only by me but the other person.
As I've said, I've used it a few times to escape firewalls... it works. Will it always work? No, I never made the claim this will bypass all firewalls... the strictest of firewalls will block it, but there are other ways around those firewalls. E.g. proxytunnel, stunnel4
Absolutely. Though putting it on 443, which is regularly port scanned as well, is the opposite of security through obscurity.