[kwlug-disc] Tightening up SSH

Dave Cramer davec at visibleassets.com
Tue Jul 20 05:45:24 EDT 2010


On Mon, Jul 19, 2010 at 10:43 PM, unsolicited <unsolicited at swiz.ca> wrote:
> Dave Cramer wrote, On 07/19/2010 10:42 AM:
>>
>> Now if you want to go one step further you might consider installing
>> openvpn, and only open the port on the openvpn device.
>>
>> That would be acceptable obscurity in my view.
>
> So, openvpn is more secure than ssh?

Yes, see below
>
> Or an openvpn open port is less obvious than a ssh port?
>
Actually yes, since there is only one openvpn port actually open, that
is on the server, and it could be port 443 and use port sharing.
You would have to get on my VPN before you could see open ports on the
client machines.

> Or openvpn is a step further in the 'secure installation' journey?
Not sure what that question is asking exactly.

Dave



More information about the kwlug-disc_kwlug.org mailing list