<html><body><div style="font-family: arial, helvetica, sans-serif; font-size: 10pt; color: #000000"><div>Depending on your scenario you could use an iptables rule for allowing ssh thru known ip addresses, setup an ipsec tunnel, or for example a simple knock-knock, ah, and you could use ssh keys too.<br></div><div><br></div><div><br></div><div><br></div><hr id="zwchr"><div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;" data-mce-style="color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><b>De: </b>"Adam Hunt" <voxadam@gmail.com><br><b>Per: </b>pve-user@pve.proxmox.com<br><b>Enviats: </b>Dimecres, 5 de Juny 2013 9:23:26<br><b>Assumpte: </b>[PVE-User] Security question<br><div><br></div><div dir="ltr"><span style="font-family:arial,sans-serif;font-size:13.333333969116211px" data-mce-style="font-family: arial,sans-serif; font-size: 13.333333969116211px;">Warning: I'm new to Proxmox and pretty new to virtualization in general.</span><div style="font-family:arial,sans-serif;font-size:13.333333969116211px" data-mce-style="font-family: arial,sans-serif; font-size: 13.333333969116211px;"><br></div><div style="font-family:arial,sans-serif;font-size:13.333333969116211px" data-mce-style="font-family: arial,sans-serif; font-size: 13.333333969116211px;">I am looking at using Proxmox on a leased box in a rack somewhere for some personal projects. One thing that I've noticed about Proxmox is the use of root, access is available via both SSH and the web interface. Is this required for Proxmox to function properly? I've always been taught that it's a bad idea to expose root directly via SSH not to mention some web interface.</div><div style="font-family:arial,sans-serif;font-size:13.333333969116211px" data-mce-style="font-family: arial,sans-serif; font-size: 13.333333969116211px;"><br></div><div style="font-family:arial,sans-serif;font-size:13.333333969116211px" data-mce-style="font-family: arial,sans-serif; font-size: 13.333333969116211px;">If I end up using Proxmox on my leased server what is the best way to secure the interfaces?</div><div style="font-family:arial,sans-serif;font-size:13.333333969116211px" data-mce-style="font-family: arial,sans-serif; font-size: 13.333333969116211px;"><br></div><div style="font-family:arial,sans-serif;font-size:13.333333969116211px" data-mce-style="font-family: arial,sans-serif; font-size: 13.333333969116211px;">By the way, the leased box I am using only has a single NIC and IP at the moment. I can get more IPs if I have to but I'm limited to a single NIC.</div></div><br>_______________________________________________<br>pve-user mailing list<br>pve-user@pve.proxmox.com<br>http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user<br></div><div><br><br></div><div><br></div><div>-- <br></div><div><span name="x"></span><div><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;">.................................................................................................................................. </span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <b><span data-mce-style="font-size: small;" style="font-size: small;" size="2">Andreu Sànchez i Costa </span></b><i><span data-mce-style="font-size: small;" style="font-size: small;" size="2">(</span></i><span data-mce-style="font-size: small;" style="font-size: small;" size="2">G</span><i><span data-mce-style="font-size: small;" style="font-size: small;" size="2">PG key: 06AE46D1)</span></i></span><br><span style="font-size: small; font-family: arial,helvetica,sans-serif;" size="2" data-mce-style="font-size: small; font-family: arial,helvetica,sans-serif;"> <span data-mce-style="color: #666666;" style="color: rgb(102, 102, 102);" color="#666666">Departament de Sistemes</span></span></div><div><span style="font-size: small; font-family: arial,helvetica,sans-serif;" size="2" data-mce-style="font-size: small; font-family: arial,helvetica,sans-serif;"><span data-mce-style="color: #666666;" style="color: rgb(102, 102, 102);" color="#666666"><br></span></span></div><div><span style="font-size: small;" size="2" data-mce-style="font-size: small;"><span style="color: #666666;" color="#666666" data-mce-style="color: #666666;"><img doc="Briefcase/logoIWS.png" src="cid:911b1a391ec073884b5502137cf4e60667042eaa@zimbra" data-mce-src="https://zimbra.iws.es/home/andreu.sanchez@zimbra.iws.es/Briefcase/logoIWS.png"><br></span></span></div><div><span style="font-size: small;" size="2" data-mce-style="font-size: small;"><span style="color: #666666;" color="#666666" data-mce-style="color: #666666;"><br></span></span></div><div><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"><span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #000000;" data-mce-style="color: #000000;" color="#000000">c/ Segria 34, 25006 Lleida</span></span></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #000000;" data-mce-style="color: #000000;" color="#000000">Tlf: <a href="tel:%28%2B34%29%20973%2023%2041%2006" data-mce-href="tel:%28%2B34%29%20973%2023%2041%2006">(+34) 973 23 41 06</a> & E-mail: <a href="mailto:andreu.sanchez@iws.es" data-mce-href="mailto:andreu.sanchez@iws.es">andreu.sanchez@iws.es</a> & Web: <a href="http://www.iws.es" data-mce-href="http://www.iws.es">www.iws.es</a> </span></span></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> .................................................................................................................................. </span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <b><span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">RESPECTEM EL MEDI AMBIENT:</span></span></b></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">Abans d'imprimir aquest correu electrònic penseu bé si és necessari fer-ho. El medi ambient és cosa de tots.</span></span></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <b><span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">RESPETEMOS EL MEDIO AMBIENTE:</span></span></b></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">Antes de imprimir este e-mail, piense bien si es necesario hacerlo. El medio ambiente es cosa de todos.</span></span></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <b><span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">PLEASE, RESPECT THE ENVIRONMENT: </span></span></b></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">Think twice before printing this e-mail. Environmental protection is in our hands.</span></span></span><br> <br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <b><span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">CONFIDENCIALITAT: </span></span></b></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">La informació inclosa en aquest missatge és confidencial i per a us exclusiu del destinatari. </span></span></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">Si heu rebut aquest missatge per error, li agrairem que ens ho comuniqui i l'elimini.</span></span></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <b><span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">CONFIDENCIALIDAD: </span></span></b></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">La información contenida en este mensaje es confidencial y para uso exclusivo del destinatario. </span></span></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">Si ha recibido este mensaje por error, le agradeceremos nos lo indique y proceda a su eliminación.</span></span></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <b><span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">CONFIDENTIALITY: </span></span></b></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">The information contained in this message is confidential and for the exclusive use of its addressee. </span></span></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> <span style="font-size: xx-small;" data-mce-style="font-size: xx-small;" size="1"><span style="color: #9d9d9d;" data-mce-style="color: #9d9d9d;" color="#9d9d9d">If you have received this message in error, please notify us and delete it from your system.</span></span></span><br><span style="font-family: arial,helvetica,sans-serif;" data-mce-style="font-family: arial,helvetica,sans-serif;"> .................................................................................................................................. </span></div><span name="x"></span><br></div></div></body></html>