Comment on Another good reason not to open port 22
glasgitarrewelt@feddit.de 1 year agoPlease ELI5: How does this solution work? You tunnel yourself in your home network with a VPN on your PI? How is that safer, isn’t there still a port open?
Comment on Another good reason not to open port 22
glasgitarrewelt@feddit.de 1 year agoPlease ELI5: How does this solution work? You tunnel yourself in your home network with a VPN on your PI? How is that safer, isn’t there still a port open?
entropicdrift@lemmy.sdf.org 1 year ago
I have a port open, yes, but it’s not port 22. The problem with Tailscale is you’re trusting a third party. With my setup, it’s just me connecting directly to my Pi. Thanks to port forwarding the only open port pointing to my Pi is the one that I use for WireGuard.
I already have a DDNS and domain name pointing to my house, so there’s effectively no added risk compared to my existing setup with a couple webapps being reverse proxied behind Caddy on a different device.
glasgitarrewelt@feddit.de 1 year ago
Thanks! I think I get too hung up on the VPN-part. If I had a setup where I open one Port to a Pi which is set up as a nginx reverse proxy that redirects the connection to my different services depending on the URL - homeassistant.myserver.com, backup.myserver.com,… - would that be considered a VPN?