Hi, Please let me know, is it a good idea to use OpenBSD to connect to a remote LAN via SSH? Port forwarding is enough for me, though I can pass-through OpenVPN via SSH forward too. SSH seems to me as the most secure channel compare to other software and it is easy to get it working.
I need a secure dedicated textual SSH console connected to Internet at home - Console1 and preferably a two ports router on another end of the Internet line to accept my SSH connections - Router1. What are the best methods to keep private keys in a safe place? I do not know anything better than devices like Nitrokey Pro, though some PCI card (secure java card) reader devices exist too. Can OpenBSD use USB dongle (not a flash drive) Nitrokey Pro 2 to store SSH private keys BOTH on the server side and on the client side? One first dongle on the client and another second dongle on the server - two dongles in total :) What is the most secure hardware (which was sold in public shops) for Console1 and Router1 ? Can you offer anything better than Cortex A7 board which is immune to Spectre? What is the most secure Cortex A7 board on which OpenBSD can run? I guess it shall have as little BLOBs as possible - only a small Boot ROM like Beaglebone Black which unfortunately is not Cortex A7, but rather Cortex A8.
