ThomasVon2021 / blikvm

Open and cost-effective "KVM-over-IP". BliKVM comes in 4 different models, v1 CM4, v2 PCIe, v3 HAT and v4 Allwinner, based on Raspberry Pi and Allwinner SoC.
https://thomasvon2021.github.io/blikvm/
GNU General Public License v3.0
404 stars, 37 forks

[Feature Request] Secure Blikvm further: whitelisted ip's support #213

Open kaiyuan01 opened 5 days ago

kaiyuan01 commented 5 days ago

Problem Description: Only allow BliKVM to accept requests from whitelisted IPs, to secure the KVM further, esp. in port-forwarding scenarios.

Proposed Solution: Make a server code change so that BliKVM only accepts requests from whitelisted IPs, to secure the KVM further, esp. in port-forwarding scenarios.

Alternatives Considered: None

Additional context: This helps further secure BliKVM.

m50S79sM6SRNp8Jn commented 5 days ago

For external BliKVM exposure we recommend Tailscale. What would your proposed feature bring additionally, besides multi-layered security?

m50S79sM6SRNp8Jn commented 5 days ago

I am not opposed to multi-layered security.

kaiyuan01 commented 5 days ago

> Tailscale.

For Tailscale to work, do I have to either install a Tailscale client on my host PC (not an option for me), or put the KVM behind a VPN router supporting WireGuard, which is not something I plan on doing?

Any issues with port forwarding? It requires neither software installation nor a VPN-enabled router. To secure the KVM in this scenario, IP whitelisting is a necessary feature to further protect the system. Hope this makes sense; it should not be difficult to do, I think. If you can point me to the server code that handles user requests, I can contribute too.

ThomasVon2021 commented 5 days ago

https://github.com/ThomasVon2021/blikvm-web-server/blob/master/src/server/api/routes.js
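The request above (accept requests only from whitelisted source IPs, in a plain port-forwarding setup) as an added example, not code from blikvm-web-server or its routes.js: a Node.js allowlist middleware in the `(req, res, next)` style. It assumes the server is reached through NAT port forwarding with no trusted reverse proxy in front, so the peer address on the socket is the real client address and `X-Forwarded-For` is deliberately ignored (that header is client-controlled). The allowlist entries and the `ipAllowlist` name are illustrative; IPv4-mapped IPv6 peers (`::ffff:a.b.c.d`, which Node reports on dual-stack listeners) are unwrapped, and anything unparsable fails closed.

```javascript
// Added example (not blikvm's own code): source-IP allowlist middleware.
// Assumptions: plain NAT port forwarding, no trusted reverse proxy, so
// req.socket.remoteAddress is the real client and X-Forwarded-For is ignored.

// Parse dotted IPv4 into a 32-bit unsigned integer; null on anything else.
function ipv4ToInt(ip) {
  const parts = ip.split('.');
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p)) return null;
    const v = Number(p);
    if (v > 255) return null;
    n = n * 256 + v;
  }
  return n >>> 0;
}

// Node reports IPv4 peers on a dual-stack socket as "::ffff:a.b.c.d"; unwrap that.
function normalizeAddress(addr) {
  if (typeof addr !== 'string') return null;
  const m = /^::ffff:(\d+\.\d+\.\d+\.\d+)$/i.exec(addr);
  return m ? m[1] : addr;
}

// Compile entries such as "203.0.113.7" or "198.51.100.0/24" once at startup.
function compileAllowlist(entries) {
  return entries.map((entry) => {
    const [ipText, prefixText] = entry.split('/');
    const base = ipv4ToInt(ipText);
    const prefix = prefixText === undefined ? 32 : Number(prefixText);
    if (base === null || !Number.isInteger(prefix) || prefix < 0 || prefix > 32) {
      throw new Error(`invalid allowlist entry: ${entry}`);
    }
    // JS shifts are mod 32, so /0 must be special-cased rather than shifted by 32.
    const mask = prefix === 0 ? 0 : (0xffffffff << (32 - prefix)) >>> 0;
    return { network: (base & mask) >>> 0, mask };
  });
}

// True only when the peer address is IPv4 (possibly v4-mapped) and inside an entry.
function ipAllowed(addr, compiled) {
  const ip = ipv4ToInt(normalizeAddress(addr) || '');
  if (ip === null) return false; // IPv6 or unparsable: fail closed
  return compiled.some(({ network, mask }) => ((ip & mask) >>> 0) === network);
}

// Middleware factory: reject non-allowlisted peers before any route runs.
// Reads the socket peer address only; request headers are never consulted.
function ipAllowlist(entries) {
  const compiled = compileAllowlist(entries);
  return function (req, res, next) {
    const peer = req.socket && req.socket.remoteAddress;
    if (ipAllowed(peer, compiled)) {
      return next();
    }
    res.statusCode = 403;
    res.end('Forbidden');
  };
}

// Hypothetical registration in an Express-style app (assumed, not blikvm's API):
//   app.use(ipAllowlist(['203.0.113.7', '198.51.100.0/24']));
```

Register the middleware ahead of the routes so it runs before authentication, and keep the list to a few fixed addresses or small prefixes. Two caveats apply to this setup: a client on a dynamic public IP will lock itself out when its address changes, so the list needs an out-of-band update path; and if a reverse proxy is later put in front of the server, the peer address becomes the proxy's, and only then should a forwarded-for header be honoured, and only from that proxy's address.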

m50S79sM6SRNp8Jn commented 5 days ago

> Any issues with port forwarding?

No issues per se, just be aware that port forwarding elevates security risks. Further, there is a need to handle dynamic IPs.

You will need

  1. SSL (available)
  2. VPN (Tailscale available) + IP Whitelisting (only devices on the VPN with approved IPs can connect)
  3. 2FA support
  4. Cloudflare integration (to support dynamic IP)

FYI - I added a separate request for the feature not yet available.

Am I missing anything?

m50S79sM6SRNp8Jn commented 2 days ago

These are in separate GitHub requests.