Follow

Any Linux expert here? Does github.com/btcpayserver/btcpay seems a good advice? No idea if this is the best practice.

@NicolasDorier fail2ban works well, might make sense to add ufw and move SSH to a custom port (some high number) and maybe add port knocking for good measure.

@NicolasDorier
Seems @harding just responded with some good advice. I'll use this on my system as well :-)

@NicolasDorier I install it everywhere. Not a substitute for strong password, but keeps the logs cleaner. It's a win IMO.

@NicolasDorier not an expert. I would say not a priority since most people use high entropy ssh-keygen key pairs now days

@seoulben problem is that the one-click deploy of BTCPay use a user defined password.

@seoulben I can't expect the users of btcpay to know about linux so...

@NicolasDorier @seoulben It might be safer to randomly generate a password for them and insist they write it down. Or, if you're already having them backup a seed, you could generate the password from some HD path in there. Best of all would be if you generate an ssh key pair for them as part of the setup and lock out passwords (again, maybe deriving the key pair from an HD seed so they have only a single recovery value).

@harding @seoulben this is good idea. Only problem is that the one-click deploy system of Azure does not allow me to generate a password for them.

However, I can customize the startup script on the provisioned VM. If I do that, my only issue with this is that I don't know then how I can send the password to the user!

@NicolasDorier @seoulben Maybe the regular web password reset mechanism, where you send them a password reset link via email with a unique random token embedded in the URL, they visit the URL (maybe enter their user-selected password for security) and are provided the new secure password secured by TLS?

@harding @seoulben "sending email" is the issue. I would like to not having to deal with emails which depends on my server.

Another idea is simply to generate the SSH private key, let BTCPay know about it. Then in BTCPay interface, having a page for the admin to know about it.

This actually make UX of BTCPay better, for some actions.

@harding @seoulben right now, some action of BTCPay, like updating the server or changing the domain name requires the user to enter SSH admin + password.

But if BTCPay knows about the SSH key, I will not need to ask to enter this info anymore. This is quite cool.

@NicolasDorier yes, limiting failed login attempts is a good security practice. Not sure if it's within the scope of the project though, but I'll leave that to you.

@NicolasDorier there is also sshguard exists, which serves the same purpose but slightly different approach

@leshik I decided to go for the long term solution of no password and Auto generated private key that I give to user via BTCPay. Best for UX, and secure against brute force.

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!