# 70

We used the opportunity that Corpus Christi is a public holiday in
Bavaria and took Friday and even next Monday off. Although we do not
really like such short trips, but currently we are at our parents' as
my father turns 70 on Sunday.

To maximize the time we can spend here, we traveled by air. This was
my first flight in 3 years I think, mainly because of the covid
restrictions. However now there were almost none of those. At the
airport wearing masks is optional. We had one stop on the journey to
here and on the first leg wearing masks should have been mandatory,
but the cabin crew simply did not care.

There were some young people sitting around us, who already had a few
beers and of course ordered more on the plane. They were loud, but the
first leg was just a 50 minutes flight, so headphones and a little
hardcore solved the problem for me. My wife was not so fortunate as
she does not like to listen to music when traveling, so she had to
listen to the loud singing of some half-drunken university students
(at least they were talkin about uni stuff before I put my headphones
on). The connecting flight was even shorter and a lot quieter - apart
from the roaring engines.

I opened port 22 on my router at home and left my RPi on so that I can
conneect to it while I'm at my parents'. Before doing this I setup npf
on NetBSD that is running on the RPi and also blacklistd to ban those
who try to log in multiple times. Additionally only specific users are
allowed to login and only using public key auth.

I configured blacklistd to ban offending addresses for 48 hours and
can look at the ban list using:

blacklistctl dump -br

This also shows the remaining ban time. The corresponding npf rules
can be listed with:

npfctl rule blacklistd list

Until now the "attacks" are not so frequent, according to authlog
there are periods where nothing happens for half an hour.

I used the example npf config in /usr/share/examples/npf and added
rules for ssh, http & https to it. Mosh I can only use from my home
LAN, I just use ssh to connect to the RPi now.

I wanted to work on my learning project for razor pages and MySQL is
installed on the Pi. My app connects to it via a simple ssh tunnel.

Oh and it's Friday. Enjoy your weekend.

You are viewing proxied material from sdfeu.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.