Enabling SSH server and security

Hello all, installed Zorin Core 16.1 and wow - what a nice breeze of fresh air after decades of dull Ubuntu and Mint desktops... Truly awesome.

I have two machines in my living room and more in the carage. What I do is serious work on the main computer and fun and experimental stuff on my test machine. I regularly need to share files across the two computers, my tablet and phone - used Evernote cloud service for that and was pretty happy.

I now installed sshd on my main computer, so I can ssh into it from my awesome Zorin machine. Also have ssh client on my phone, so I can do some serious hacking from my phone. This setup works nicely, sftp is as simple as it gets and it took me five minutes to figure out how to move files with it. Happy all in all.

My question is, I always use silly passwords for my admin user. I'm not worried about a hacker entering into my home and guessing my password. I don't run servers on my computers - until now, the sshd server. Well, I have a firewall on my wifi hotspot, no incoming traffic is allowed, so my stupid question is - is it safe to use a password such as "user" for my admin user? I'm thinking since the firewall does it's job, what it is supposed to do - keep incoming traffic out - does it matter one bit what password my admin user has?

Since I use ssh daily, update software and such, I find it absurd to use a long secure password at home.

And if anyone knows can an Android Nokia phone's firewall be trusted, that would be nice. Shield's Up! - port scanner shows my computer is in true stealth mode - can I assume that my firewall is working as it should? Is there any risk in my setup? Changing my admin's password into a long and secure password is simply not an option for me.

Further question, can the sshd server be configured such that it only allows connections from certain IP addresses? That might add security, but for now I'm simply trusting the firewall.

Many of us use a 4 or 6 digit PIN as a password.
In my shop computer, I had the password of pw for quite a long while...


This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.