Video Tut: Set Up SSH Access To Your Own Pinephone .onion (security enhancement)
#1
Lightbulb 
Many Pinephone users have ssh access open. Result being their Pinephone's ssh server shows up/is by default accessible on the open internet. This can be dangerous (especially given many undoubtedly use weak number passwords (ie: guessable numbers doubling for screen unlock pin)),

So I thought fellow Pinephone users may find this video helpful.

A quick (5min), easy video walkthrough/guide. A simple to implement security enhancement (using Mobian Pinephone as example in the video but will work on any Linux).
Make your Pinephone ssh server only accessible as a Tor .onion address (Blocking access/portscans/shodan for users on standard internet).

https://youtu.be/syKZNMVxTM4

After following the video, edit  /etc/ssh/sshd_config and uncomment/edit the line to match:

ListenAddress 127.0.0.1

Optionally (in case anything in ssh config goes wrong) block using iptables issue the following afterwards:

Code:
sudo iptables -A INPUT -p tcp -s 127.0.0.1 --dport 22 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -j DROP

The above iptables commands block ssh access to your Pinephone from all parties outside your Pinephone localhost address itself (used by tor locally). This means it won't show up when portscanned, won't show up on shodan, and cannot be brute forced without having your personal .onion address. Smile
- RTP

"In the beginner's mind there are many possibilities, in the expert's mind there are few." -Shunryu Suzuki


[ Pinephone Original | Pinetab v1 / v2 Enjoyer ]


Linux Device Privacy / Security Playlist





Possibly Related Threads…
Thread Author Replies Views Last Post
  cryptocurrency on mobian/pinephone biketool 33 49,737 06-30-2025, 02:57 PM
Last Post: biketool
  Axolotl on PinePhone / Mobian arno_nuehm 223 240,971 06-25-2025, 01:19 PM
Last Post: anonymous
  bookworm vs trixie discussion for mobian in pinephone regular. zetabeta 64 22,679 06-17-2025, 06:27 AM
Last Post: anonymous
  Mobian Pinephone Notification LED biketool 2 322 06-07-2025, 03:19 PM
Last Post: KC9UDX
  Pinephone seems tobe using 4G data instead of Wifi data grump_fiddle_reinstall 7 2,746 02-20-2025, 02:47 PM
Last Post: puffchumpy
  How to use QR codes on Mobian Sid(unstable) Pinephone Pro biketool 1 729 01-02-2025, 12:47 PM
Last Post: zetabeta
  unofficial kali linux for pinephone help needed pinesmell 5 6,365 01-08-2024, 02:50 PM
Last Post: ERPlegend
  PinePhone won't boot after software update jb2000 2 2,709 03-17-2023, 07:26 AM
Last Post: Zebulon Walton
Wink Pinephone lost graphic during mobian system upgrade cmpin 4 4,047 03-01-2023, 04:45 PM
Last Post: anonymous
  Debian bookworm security repo user641 2 2,874 02-17-2023, 01:12 AM
Last Post: user641

Forum Jump:


Users browsing this thread: 1 Guest(s)