How to Secure Proxmox Remote Access

This article will walk you through the process of enabling and securing Proxmox Remote Access.

How to Secure Proxmox Remote Access
Proxmox login interface | Image credits: George Dascalu

The Proxmox servers are configured to operate without a monitor and keyboard. However, we must access Proxmox first to handle the virtual servers. Proxmox remote access, as a result, is beneficial to such circumstances. You can access it remotely in several methods, including a web console on SSH, port 8006, and others.

Providing outside access to your Proxmox server can be dangerous, and it should only be done in rare circumstances. If a threat actor manages to compromise the Proxmox server, he will be able to interfere with all virtual machines that are running on it, resulting in widespread ramifications.

1. SSH

One common means of remote access is the SSH protocol. Proxmox includes an SSH server that's on by default. To log in to our Proxmox VE server, we simply need to connect to it via SSH from any machine on the same network.

ssh [email protected]

It is necessary to enter the password that we chose when Proxmox was first installed after the previous step is completed.

2. VPN

Another option for securely connecting to the Proxmox server via remote access is to make use of a virtual private network (VPN). Because the connection will be encrypted, the likelihood of being hacked will be reduced.

3. Web Console

You may access Proxmox's web console by logging in to port 8006 of the server. To make this port function, you must configure the server firewall with the correct rules.

For instance, to allow web access from a specified IP address (zz.zz.zz.zz)

iptables -I INPUT -p tcp -s zz.zz.zz.zz --dport 8006 -j ACCEPT