On 10/12/20 1:59 pm, Ralph Underwood wrote:
What's wrong with using VNC? I use it to get to two remote Weewx
running RPi. With the RPi, VNC has a deal to access up to five
computers for free.
Hi Ralph,
VNC requires a GUI, e.g. desktop packages need to be loaded for VNC to
work. This vastly increases the attack surface for hackers.
Desktop GUIs are not required on servers, least of all something as
simple and tiny as weewx.
If you must have a GUI for your server, use a BUI something like Webmin
or Cockpit that can be secured properly. Both lightweight compared to X!
SSH with keys, is the best option for a remote system for CLI.
Oh yes... and SSH is free and included with every linux/unix for an
unlimited number of servers.
When building a system exposed to the internet you always start with the
"minimal install" group as provided by all vendors. You then add only
the packages you need to get your server/services working. This makes
for a small tight system with a minimal attack surface and limits the
amount of things to keep patched.
Depending on what OS you are using you should also have something likeĀ
LivePatch, yum-cron, Ksplice, Autonomous Linux, etc. to keep your system
up-to-date with critical security updates even when you're not paying
attention to it.
And.... you should be using a cron'd Rsync over SSH to keep a backup
off-site just-in-case the flash fails. Or at least some other automated
backup methodology.
cheers
Tim
--
You received this message because you are subscribed to the Google Groups
"weewx-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to weewx-user+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/weewx-user/c33b230d-253c-d5ab-0dbe-e813e56483e2%40skybase.net.
