I am a home user and I don't have my NAS exposed to the Internet. I also don't have any sensitive data on there. I imagine most people who buy one of these will be the same.
Unfortunately most of the people asking for telnet or ssh access do exactly that,
exposing their box to the internet.
As long as there is a decent password set for root then this method should be perfectly satisfactory for the majority of users.
That is a fallacy.
If you use password authentication, you expose your box to dictionary attacks.
Then everything depends on the quality of the password and the ordinary user,
especially those who are only able to follow an idiot proofed step by step guide,
are not well known for choosing a "good" quality password.
I wouldn't edit the wiki myself as I don't feel I have the right! But I do this this should be put up there as an option for those who are not needing as much security.
The wiki depends on everyone who might have something to contribute.
You shouldn't think you are not invited to add stuff to the wiki.
I intentionally do not show users "unsecure" ways of opening their box,
but I also do not blame them if they want to do this.
The problem lies in the awareness of the "step-by-step" users for security.
That you do not intentionally expose your box to the internet does not
automatically means that you do not UNintentionally. Some Windows software
drills a hole into the firewall without asking for proper permission by the
user. Combined with an unsecure box, opens the way for hackers.
This does not mean that this happens all day long, but the myriads of hyjacked
PC have to come from somewhere, haven't they?
There are lots of options in the way the keys can be created in Putty and which options should be used are not stated in the wiki here. I read the guide thoroughly on the puttygen site and tried the different combinations in the procedures, but still had no joy. I prefer to try to work things out myself that bug people with questions that are usually answered elsewhere.
That is a nice way to do, but if you then still failed, you shouldn't be shy to ask
for help here.
We won't rip off your head, if you asked something already asked somewhere
else (as long as it shows at least a little bit of effort to do a search beforehand).
The guide on the wiki is more of a quick description of what the OP did that a guide that can be followed by everyone as there are several points he is not clear on and seems to assume quite a bit of previous knowledge!
You are absolutely right (I can make a judgement on this, because I am the original
author of the guide for the VL
That is the point where others could step in and make the guide more "idiot
proofed". There already was a user making the guide more robust for others
to follow if they used Puttygen for key creation.