- Apr 25, 2013
- 834
- 0
- 11,360
Hi all. Just wanted to check that this SSH VNC setup is completely secure:
1. It is running over a 1mbit connection(105 kb/s at peak, In practise, only about 20kb/s AT MOST is going to be available for the SSH VNC connection(I am constantly running downloads and/or streaming videos/music. Which is gonna make a brute force hack pretty darn slow.)
2. The SSH is running over a secret, non-standard port.
3. It is using RSA encryption with a 4096 bit encryption key and plain old password authentication is disabled meaning the only way you are allowed to authenticate is using the 4096 bit key
4. I am using a long passphrase with the RSA encryption.
5. They will need to know my username(it is also a non-standard username)
6. The VNC service running through the SSH tunnel is using a strange port.
7. The VNC has a long passphrase for authentication.
8. The VNC server will ONLY accept loopback connections meaning they either have to be on the physical computer connecting to itself, or it has to be run through the SSH tunnel or else the VNC server will reject the connection.
9. My windows system has a password(its Windows 8 with a lock screen and it locks pretty quickly.)
Also, this is just a random home network. We are not running any other servers/hosting through here. It is not something people are going to try hacking that often.
What is the chance of someone getting through this?
1. It is running over a 1mbit connection(105 kb/s at peak, In practise, only about 20kb/s AT MOST is going to be available for the SSH VNC connection(I am constantly running downloads and/or streaming videos/music. Which is gonna make a brute force hack pretty darn slow.)
2. The SSH is running over a secret, non-standard port.
3. It is using RSA encryption with a 4096 bit encryption key and plain old password authentication is disabled meaning the only way you are allowed to authenticate is using the 4096 bit key
4. I am using a long passphrase with the RSA encryption.
5. They will need to know my username(it is also a non-standard username)
6. The VNC service running through the SSH tunnel is using a strange port.
7. The VNC has a long passphrase for authentication.
8. The VNC server will ONLY accept loopback connections meaning they either have to be on the physical computer connecting to itself, or it has to be run through the SSH tunnel or else the VNC server will reject the connection.
9. My windows system has a password(its Windows 8 with a lock screen and it locks pretty quickly.)
Also, this is just a random home network. We are not running any other servers/hosting through here. It is not something people are going to try hacking that often.
What is the chance of someone getting through this?
Facebook
Twitter
Instagram