I’m trying to access a computer attached to my router using Gnome remote desktop (settings:sharing). I can get it working but only if I disable the firewall.
How do I configure the firewall in yast so I can leave it running whilst using remote desktop?
There’s currently a tick next to ‘public’ and an interface called docker.
It seems to need port 3889 but I’ve no idea how to use the firewall. It seems pretty straight forward to open a port for a zone but I don’t know which zone the firewall is currently using or which I should be opening the port on. I guess I can also add a service to a zone but which service and which zone? I also don’t know how safe it is to leave remote desktop set up? The computer is accessible remotely using a VPN tunnel to a docker container.
Will I have to change the default zone every time I want to use remote desktop? I’m planning on using the computer as server without a monitor or kb/m attached so I just want to set it up and
leave it.
Thank you !
If you have a strong password is should be safe, but you probably also do not need a remote desktop if it’s a server, can you just use ssh? (port 22)
I don’t think you need to change the default zone if you leave it the same, you can permanently open a port.
firewall-cmd --get-active-zones
1 Like
Thank you for your replies. SSH - I’m keen to stick to the gnome integration partly because I’m a Gnome fanboi but also because I installed Fedora-Asahi on my laptop and I don’t benefit from yast. It all seems to be Gnome or the console.
–get-active-zones returns what I expected (‘docker’ interface and ‘public’ zone) and the public zone has the vnc-server service attached, along with ssh and dhcpv6-client. I just opened port 3389 on the public zone and it’s working. I hope this is safe given the machine can be accessed using a web address (I’ve got an apache server running in a docker container which is accessed via a Clourdflare VPN tunnel). No router ports opened, by me at least.
I really do need to read more about firewalld (clearly!) but everywhere seems to jump in deeper than I can manage. Maybe I’m just over-thinking it all!
Am I right to think all the zones listed in yast are simply pre-configured groups of services which I can choose to use if I want… ie they not needed or used, except ‘public’, until I decide to switch to a different one?
I’ve got a stack of relatively simple networking/security questions to ask, most not specific to openSUSE. Is there a recommended resource/tutorial I can read through? I’d probably benefit from going through what tryhackme has to offer but that’s slow going!
Thank you. Currently… no more dragging my monitor, kb and mouse around the place!
Sounds great! If you have a super strong password then it should be safe, and depending on your usecase, you could close it when you’re not using it.
1 Like