Hi everyone
So, that’s a 2 in 1 post. First a more general question then looking for advice for a friend.
-
What is your preferred way to access HA from outside (and why)?
-
a friend of mine use duckdns and I often read (recently) that some people are having issue with it. Is wireguard a better way or another solution that is not too techy to deal with?
Very different solutions.
Wireguard all the way. Exposing just a VPN endpoint that can’t be connected to without the right cryptographic keys is a much more secure and maintainable attack surface.
BTW I assume that’s what you meant by “DuckDNS”. Using that service is orthogonal to making HA visible externally, but is (I think) the common pairing.
Thanks, wireguard sound much better then for just accessing HA, wonder why is duckdns so popular then
@paf @wewbull In fact, even if you’re using Wireguard you’d likely need DuckDNS (or a real domain with something like Cloudflare) to point your wireguard clients to. All DuckDNS does is associate a domain name with your external IP. You could just use the IP directly but your ISP likely doesn’t assign you a static IP so it’ll change randomly, so you run a script that updates your IP with DuckDNS.
@paf @wewbull maybe also have a look at Tailscale
Will check that, thanks