SSH through VPN - eviltoast

Hello, I am wondering if there is increased network/packet security by connecting to a server over SSH through a VPN hosted by that same server, as opposed to without first tunneling by VPN. I imagine with or without tunneling through a VPN there would be latency/speed differences too?

  • towerful@programming.dev · ↑3 · 6 months ago

    Wireguard uses UDP.
    Wireguard also strives to be “silent” for bad traffic/connection attempts. I’ve tried a cursory look to find more information on it, but nothing that explains it simply.

    Either way it doesn’t turn up on port scans.

    • Ponziani@sh.itjust.works (OP) · ↑2 · 6 months ago

      But the router must forward the port to allow the VPN to be utilized, meaning that port being forwarded can be scanned/detected, I thought?

      • damium@programming.dev · ↑3 · 6 months ago

        It depends on how the router responds to other non-forwarded ports. For UDP an open port with no response is the same as a dropped packet. A scanner will only know if the device sends an ICMP response back to indicate that it is closed.