I just setup a minecraft server on an old laptop, but to make it acessible i needed to open up a port. Currently, these are the ufw rules i have. when my friends want to connect, i will have them find their public ip and ill whilelist only them. is this secure enough? thanks

`Status: active

To Action From


22/tcp ALLOW Anywhere Anywhere ALLOW my.pcs.local.ip`

also, minecraft is installed under a separate user, without root privlege

  • ricecake
    link
    fedilink
    English
    arrow-up
    30
    ·
    2 months ago

    I would use something like wireguard, or another VPN service you can host yourself if your router supports it natively.

    From the looks of it Minecraft servers seem to have dogshit authentication, so using some form of private network setup is going to be your best move.

    • lud@lemm.ee
      link
      fedilink
      English
      arrow-up
      5
      ·
      2 months ago

      You don’t have to host the VPN on the router. You can also host it on a separate machine or the same one that’s running the Minecraft server.

      • ricecake
        link
        fedilink
        English
        arrow-up
        3
        ·
        2 months ago

        Oh for sure. What I meant was “check router for a built in VPN and use it if it has one, otherwise use wireguard because it’s the easiest”.

        The specific VPN doesn’t really matter so much. The built-in one would be the easiest, so checking for a solution that took a few clicks is worth it. :)

        • lud@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          Fair enough.

          But personally I would recommend trying to setup wireguard if your router doesn’t have it integrated. It’s just so much faster than OpenVPN (usually the only built in option).

          • ricecake
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 months ago

            Yeah, it’s definitely faster, but I’m not sure it’s going to make too much of a difference for a Minecraft server.

            With setting it up being a bit annoying by hand, I’d still rank the router option higher even if it’s a worse VPN. Otherwise you risk ending up in that yak shaving situation where you’re fighting with routing tables and DNS when you wanted a Minecraft server.

            • lud@lemm.ee
              link
              fedilink
              English
              arrow-up
              2
              ·
              2 months ago

              Yeah, that’s also fair. I have a tendency to overcomplicate things like this when all I wanted was a simple service.