Securing OpenHAB 2 on the Public Internet: Best Practices and Concerns

As a homeowner aiming to integrate smart technology seamlessly, I’ve been exploring the potential of exposing my OpenHAB 2 setup to the public internet. While the convenience of remote access is undeniable, I’m deeply concerned about the security implications. Here’s what I’ve been pondering and seeking advice on:

  1. Current Guidance: What are the recommended security practices for exposing OpenHAB to the internet? I’ve heard about using VPNs, but I’m intrigued by the idea of direct access for its ease and reliability.

  2. Certificate Security: I have a PKI in place, which allows me to generate certificates effortlessly. However, I’m uncertain about the robustness of these certificates, especially when used with the Android app. How secure are they, and what risks remain even if the certificates themselves are impenetrable?

  3. Potential Pitfalls: Beyond the obvious setup steps, what hidden issues should I be wary of? I’m eager to understand the less-discussed aspects of OpenHAB security to ensure I’m not overlooking critical vulnerabilities.

  4. Security Features Origin: Are the security features in OpenHAB built using standard open-source implementations, or are they custom-developed by the OpenHAB team? This distinction could significantly impact my confidence in the platform’s security posture.

Currently, I rely on OpenVPN for secure access, but the idea of a more convenient, always-on solution is tempting. I’m curious if others have successfully implemented direct internet access to their OpenHAB setups and what measures they’ve taken to safeguard their systems.

Any insights, experiences, or recommendations from the community would be invaluable as I navigate this decision. Security is paramount, and I want to ensure that my setup is as robust as possible while still enjoying the convenience of remote access.
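Added example, editor's note rather than part of the post above or of openHAB itself: the question on certificates ("what risks remain even if the certificates themselves are impenetrable?") is easiest to reason about with a running mutual-TLS gate in front of a stand-in for openHAB. The Go program below, standard library only so it runs offline, builds a throwaway private CA in memory, issues a server certificate and one client certificate for a device, and then shows that a caller without a certificate chained to that CA is dropped during the TLS handshake, before any HTTP request reaches the application. Every name in it (home-ca, openhab-gateway, openhab.example, android-phone) is made up for the example; a real deployment would put the same client-certificate requirement on the TLS-terminating reverse proxy in front of openHAB rather than in Go.

```go
package main

// Added example, not code from the post or from openHAB: an in-memory private CA,
// a server cert, a per-device client cert and a mutual-TLS gate in front of a stand-in for openHAB.

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"net/http"
	"net/http/httptest"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue signs tmpl with parent's key, or self-signs it when parent is nil.
func issue(tmpl *x509.Certificate, parent *tls.Certificate) tls.Certificate {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	var signerCert, signerKey = tmpl, any(key) // self-signed unless a parent is given
	if parent != nil {
		signerCert, signerKey = parent.Leaf, parent.PrivateKey
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, signerCert, &key.PublicKey, signerKey))
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: must(x509.ParseCertificate(der))}
}

func template(cn string, serial int64, eku ...x509.ExtKeyUsage) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  eku, // server-only or client-only, never both
	}
}

// buildPKI: a self-signed CA, a server cert and one client cert per device (all names are made up).
func buildPKI() (roots *x509.CertPool, server, client tls.Certificate) {
	caTmpl := template("home-ca", 1)
	caTmpl.IsCA, caTmpl.BasicConstraintsValid = true, true
	caTmpl.KeyUsage |= x509.KeyUsageCertSign
	ca := issue(caTmpl, nil)
	roots = x509.NewCertPool()
	roots.AddCert(ca.Leaf) // the only trust anchor either side will accept
	srvTmpl := template("openhab-gateway", 2, x509.ExtKeyUsageServerAuth)
	srvTmpl.DNSNames = []string{"openhab.example"}
	server = issue(srvTmpl, &ca)
	client = issue(template("android-phone", 3, x509.ExtKeyUsageClientAuth), &ca)
	return roots, server, client
}

// startGate serves a stand-in for openHAB behind mandatory client-certificate authentication.
func startGate(roots *x509.CertPool, server tls.Certificate) *httptest.Server {
	ts := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Only reached after a client cert chained to home-ca has been verified.
		fmt.Fprintf(w, "hello %s", r.TLS.PeerCertificates[0].Subject.CommonName)
	}))
	ts.TLS = &tls.Config{
		Certificates: []tls.Certificate{server},
		ClientAuth:   tls.RequireAndVerifyClientCert, // the gate: no valid cert, no handshake
		ClientCAs:    roots,
	}
	ts.StartTLS()
	return ts
}

// fetch does one GET through the gate; pass no certs to simulate an anonymous caller.
func fetch(ts *httptest.Server, roots *x509.CertPool, certs ...tls.Certificate) (string, error) {
	cfg := &tls.Config{RootCAs: roots, ServerName: "openhab.example", Certificates: certs}
	resp, err := (&http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}).Get(ts.URL)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	return string(body), err
}

func main() {
	roots, server, client := buildPKI()
	ts := startGate(roots, server)
	_, anonErr := fetch(ts, roots)
	body, err := fetch(ts, roots, client)
	fmt.Println("anonymous caller rejected:", anonErr != nil, "| authenticated:", body, err)
	ts.Close()
}
```

The anonymous call fails inside the handshake (the server answers with a TLS alert, so the handler never runs), and a certificate issued by any other CA, including a public one, fails the same way because `ClientCAs` holds only the home CA. What the certificates cannot protect is therefore what is left to worry about: the TLS terminator itself, the CA signing key, and the private key on every enrolled device, since whoever holds the phone's key is, as far as this gate can tell, the phone.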