I’m looking for a simple but genuinely secure way to remotely access files on a hard drive attached (via USB 3) directly to my router. (Currently using ASUS RT-AX56U.)
Many routers with USB ports allow you to attach a drive, and often offer an FTP server which, combined with DDNS, means you can access it remotely. However, for some reason, I’ve been unable to find any router which implements either FTP over TLS (FTPS) or FTP through SSH (SFTP) – they all only seem to offer plain old unencrypted FTP, which therefore I don’t want to use.
How can I securely access these files remotely?
I’d like to avoid:
- Using any proprietary built-in remote access functions, as these are notoriously deeply insecure (no matter what the marketing says)
- Installing custom firmware unless you can reassure me this doesn’t, itself, introduce new security vulnerabilities?
And when I say “securely access files” what I mean is end-to-end encrypted, i.e. no file or password is ever transmitted over the line in clear text, and no one could intercept the keys either (i.e. encrypted via some standard public key cryptography scheme).
Your first bullet point makes no sense.
You don’t trust any build-in remote access solution (like a VPN), but you are willing to trust a file-transfer protocol hosted on the same router, that is might be just as buggy/unpatched/outdated.
Just enable the OpenVPN service (all Asus routers have it) and use that in combination with the on-board FTP or SMB file-sharing.
Asus is fairly good with timely updates and the openVPN implementation is very stable and taken directly from the Open Source code. No weird changes that introduce more problems.