On Tue, 8 Dec 2020 09:43:31 +0100 <to...@tuxteam.de> wrote: > On Tue, Dec 08, 2020 at 08:12:09AM +0100, john doe wrote: > > On 12/8/2020 1:50 AM, Charles Curley wrote: > > >On Mon, 7 Dec 2020 23:27:25 +0200 > > >ellanios82 <ellanio...@gmail.com> wrote: > > > > > >> - any suggestions please , for a handy VPN for everyday use : no > > >>specific purpose, but only to add a little more privacy ?? > > > > > >With no requirements, it is difficult to say. > > > > > >Will a VPN be overkill? Would you be better off with openSSH to log in > > >remotely? > > > > > > > If you use SSH only the SSH connection will be encrypted, the way I read > > the OP's question is that all traffic should be encrypted through the VPN. > > You can tunnel things through an SSH. See the -X option (to tunnel an > X connection) and all the -L and -R options to proxy a socket. > > As a simple-to-set-up VPN, SSH is unbeatable. It has its downsides, mind > you; the SSH protocol isn't optimised for such things. But if you're using > SSH day-to-day, then starting with it and re-thinking once you reach some > bandwidth/latency limit is a very sensible path.
Yes - I don't do X tunneling, but I frequently do LocalForwarding (usually via config file stanzas) to securely access insecure local HTTP services (e.g., OpenWrt and Home Assisstant GUIs). It's a lot simpler than configuring each one to use HTTPS, or setting up a reverse proxy. I do use Wireguard for general remote access, though. Celejar