Why don't we ssh into each others computers? What can possibly go wrong?

Why don't we ssh into each others computers? What can possibly go wrong?

Other urls found in this thread:

aur.archlinux.org/packages/openssh-hpn-git/
psc.edu/index.php/hpn-ssh/640
twitter.com/NSFWRedditImage

>Why don't we ssh into each others computers?
Because everything can go wrong

I have nothing to hide.

how strong is your root password

I have root login disabled

then my next question is how much do you trust openssh

But no one can break into your hardened gentoo meme os.

8 characters. I ssh into other systems with shared keys though so it logs in quickly. Still have to use sudo though so I assume disabling root account is pointless.

Have ssh to only allow local ip range connections. Does this protect me from Chinese botnets? Also fail2ban...not sure if it does anything on my machine.

someone could drive up to your house and crack your wifi??

Possibly but that takes more effort.

Yeah, but what if he lays landmines?

minesweepers?

What if they use a drone with a cell phone signal?

I only do RSA key based SSH with multi factor auth through authy so no

my root password is the same as my regular password, and I don't have a regular password

what if they hit you with a $5 hammer

The NSA won't like it, they would rather have you use backdoor VPN services instead (without logging)

He could hire a trusted person to sit in his house and snipe anyone who checks for mines. Then all he has to do is get some dirt on the guy, and he's all set

I'm the same way. No one's ever really going to make it necessary, but it's fun to setup

can you ever trust another person tho

i know i cant. not... not anymore at least.

>not ECDSA keys
nigga

then he's fucked

It's too late, I don't know any of the passwords, the key to unlock anything is written on a scrap of paper that I can easily destroy by burning / eating -- you can't torture me out of information that I don't possess

This.

Bomb collars make everyone trustworthy

they hit you again, and again, all the while you maintain you dont know the password

>you can't torture me out of information that I don't possess
They can keep torturing you until you give them the information you don't possess though

What if they decide to torture you just to get back at you for destroying it?

all of these spam bots derailing the thread, ssh is the best

get a raspberry pi

shadowsocks
squid3
ssh

> le leddit eccss kkeeyy ceee deee funneh mane
face it user, in anybody has the kind of data that would warrant that they are either
1) Already six feel under
2) Rich enough to afford security
3) Posing as a beggar in Petropavlovsk-Kamchatsky

warrant a 5 dollar hammer?

Is there a better way to move files than scp? Getting shitty speeds over my network (worse than my internet).

Whoa there why would you we're bots? We're people, and saying that hurts my feelings.

>captcha didn't believe I was a real person

rsync might fit the bill i dont know

what kind of security do (You) propose is sufficient

A webserver and aria2c
rsync (probably won't fix speed issues)
rsync wrapped in a parallelizer (probably will fix speed issues if multiple files)

SFTP?

Why would sftp be a solution to shitty speeds?

> warrant a 5 dollar hammer?
You're saying that as if I would be receiving it as a gift. Torture is illegal, user :^) besides, in Bongladesh, you can't pass gas without the government having a live CCTV feed of your colon. If the actual gubmint is out for my ass I'm fucked six ways from Sunday.

i dont think i want to ssh into your computer, or vice versa

Right, yeah. I've kind of forgotten the slow speeds ever since it got blocked at my work

Erm, lad... By SSHing... uh. They did.

who decided who the gubmint is

>tfw monitoring your auth.log obsessively

*decides

SSH-HPN
aur.archlinux.org/packages/openssh-hpn-git/
psc.edu/index.php/hpn-ssh/640

>all this paranoia
lmao nobody is gonna bother cracking your anime machines, I've been running Intel AMT with the default password for MONTHS on my notebook and even connected it to multiple campus networks and nothing happened. Nobody cares about your anime enough to bother connecting.

Bots though may come in and encrypt all your home files then leave a note pay in buttcoins.

If I could I would mount your EFI vars and delete them just for shits and giggles

How exactly do you think those bots are going to connect to my machine?

This sounds fun, I'd like to do this on my throwaway laptop later

By attempting to login to your machine with various passwords until one works because fail2ban and keys are paranoia

Because there's like 50 public privilege escalation exploits for Linux at all time.

Essential for web servers and home if you have files nobody should see.

>running intel AMT

mah trusted stick skylakes intel ME rrand Huffman backdoors hush hush

Whatever shit you're gonna throw at it, it is probably sufficient. Threat model, user. Who do you expect to want your data?
0) nobody
1) random thieves
2) economic espionage from your competitors (if any)
3) gubmint
For 0, see , nobody cares about the data on our meme machines unless it's some ransomware bot.
1) Install leenacks and encrypt, herp derp
2) You need a combination of know-how and/or money. Excellent security will take you a long way, but if whoever wants your data is rich, they don't give a fuck, they can and will hire help. You will make a mistake sooner or later. One of the best defence is money. Yes, it doesn't stop you from being a blubbering retard, but if you know what you're doing, it can go a long way. The rest about some sole leet haxxor fending off the oposition is just a digital robin hood-ism meme.
3) Haha, you're fucked, might as well turn in before you get unperson'd, or practice russian and stow away in a tanker headed for previously mentioned Russia, where you'll get to slurp pierogi untill some random Boris is payed half a vodka bottle to cave your skull in.

It really doesn't matter who, whoever is on top has the access to the power to monitor one way or another, or has access to the manpower. Unless you are full autismo, you will make a mistake

and they gonna do that how, exactly?
there's not a single public IP address that points to my device.

Compress the data first and pipe through SSH to minimize the throughput:

tar -cJf - /dir/files | ssh remote_host "tar -xJf -

should about do it. The "-J" flag to modern GNU tar uses XZ compression, but if you have a good machine, you could pipe tar through pigz or pxz and get faster, better throughput.

Highly recommend checking out pigz and pxz if you do not use them.

Forgot to close my quote on the command for the remote host. Make sure you close it after the "-" character. Also test it first with a small directory as I am writing this from a machine without access to man pages, so purely from memory.

Whats this got to do with sshing into anons computer

user asked what kind of security I thought was sufficient, friend. I simply responded with a quantified "it depends".

Yes I always play about in /tmp testing commands. Haven't fucked up a machine yet. I have to check the man pages before doing.

Depends on what

I dont expect anyone to want my data

Well then, you're set, user. Just practice basic security. Don't do dumb shit and don't hide data in obvious places and you should be fine

If nobody cares about the data on your meme machine would you let user in via ssh

Whats the worst that could happen

dumb shit and basic security are redefined everyday, it's all about stayin' in touch with the seasons

use sftp moron and use lftp to use multiple concuurent connections

You don't need root account to use sudo, you dim witted mongoloid.

192.168.7.2 admin:admin Hack me!

Why would you need to do that if your router doesn't allow the port through?

Okay, you go first. My IP is 127.0.0.1