Secure encrypted remote when travelling

Here's how to securely log in to your home/office computer when travelling. These instructions set up a secure encrypted channel using key-exchange ssh rather than simple password entry. (Note - here I assume you are using a real operating system:

1. To have both desktop gui and command line access, first install ssh:

1. On the local machine type sudo apt-get install openssh
   On the remote machine type sudo apt-get install openssh-server
2. On the local machine edit the file /etc/ssh/ssh_config and change the port number from 22 to something else, such as 2798 or whatever port makes sense for your setup. The idea here is to use a non-standard port for ssh which gives just a little bit more security against hacks and port scanners.
3. On the remote machine edit the file /etc/ssh/sshd_config and
   1. change the port to what ever number you set on the local machine in the previous step.
   2. Make sure the commands in sshd_config are set as follows:
      PubkeyAuthentication yes
      AuthorizedKeysFile .ssh/authorized_keys
      PasswordAuthentication no # we will only be using secure key-pair logins
      PermitRootLogin no
4. Restart the ssh server:
   sh /etc/init.d/ssh restart

2. For the command line, first set up ssh:

1. on the local machine log in to your home account
2. type ssh-keygen -t rsa
3. you will be asked for a passphrase. Enter something with letters, numbers, and symbols ... and memorize it.
4. now copy they public portion of the key you just generated to the remote machine by typing:
   ssh-copy-id youraccount@remote.org
   (Note: the ssh-copy-id command comes with openssh, which you installed in step 1
5. That's it, you should now be able to login to the remote server by typing:
   ssh -p 2798 youraccount@remote.org
   (Note that the -p 2798 is just the port number you set for your remote server in step 1 above)

Easy!

Okay, now click here to see how to connect and run a desktop gui over a fully encrypted secure channel.