I just setup a minecraft server on an old laptop, but to make it acessible i needed to open up a port. Currently, these are the ufw rules i have. when my friends want to connect, i will have them find their public ip and ill whilelist only them. is this secure enough? thanks

`Status: active

To Action From


22/tcp ALLOW Anywhere Anywhere ALLOW my.pcs.local.ip`

also, minecraft is installed under a separate user, without root privlege

  • @i_am_not_a_robot@discuss.tchncs.de
    link
    fedilink
    English
    63 months ago

    A large percentage of those hosts with SSH enabled are cloud machines because it’s standard for cloud machines to be only accessible by SSH by default. I’ve never seen a serious security guide that says to set up a VPN and move SSH behind the VPN, although some cloud instances are inherently like this because they’re on a virtual private network managed by the hosting provider for other reasons.

    SSH is much simpler and more universal than a VPN. You can often use SSH port forwarding to access services without configuring a VPN. Recommending everyone to set up a VPN for everything makes networking and remote access much more complicated for new users.

    • JustEnoughDucks
      link
      fedilink
      English
      43 months ago

      OK that is fair, though that is not self hosted…

      VPS machines are a completely different beast than self hosting. But I guess I only said home use, not specifically self-hosting though we are in a self-hosted community. There are 1000 guides for setting up a VPN on your home network.