I just had to email me a file I got sent to my phone and I feel unable to accept this as the better solution.
What you do guys use for inter-device communication?
I just had to email me a file I got sent to my phone and I feel unable to accept this as the better solution.
What you do guys use for inter-device communication?
Most people probably don’t care but it can be a security risk, allowing malware to move “laterally” between all your devices. For my main devices I don’t give them SSH access to each other, but I do give them SSH access to my secondary devices (like a Pi-Hole)
Unless you do something incredibly stupid, such as allowing keyless login or sharing keys (or having unencrypted keys or keys without a passphrase, seriously), I find it hard to see how that would actually happen in practice.
Even if you have a password for your ssh key, malware on your system can just wait until you enter the password.
My point is that SSH access is very powerful, and effectively means that the security of the SSH server is reduced to the security of the SSH client. If your SSH client is pwned, so is your server. If you have 10 devices each with ssh access to each other, then if any one device is pwned, all devices are pwned as well.
This is not the case for systems designed for file sharing only. For example with syncthing, if one device gets pwned, all it can do is send files to the other devices.
Sure, it’s just that from my point-of-view I’d be toast anyway if anyone managed to gain that level of access.
Depending on the number of devices you have, your threat model, it can be helpful to set up a security hierarchy. So you only need to worry about securing the devices at the top of the hierarchy, and can play loose and careless with the devices lower down. That way it’s less likely to lose everything due to one mistake