So it looks like every R2 is running an SSH server with common private key authentication. This means that should any of these keys leak, every device out there will be vulnerable to attack by malicious actors. It would be helpful if someone from UC could explain why they need the ability to remote into our devices without our knowledge or consent.
1 Like
You will most likely not get an answer here or on Discord as these are no official support channels. Mail your concerns to the support and hopefully they can tell you why the ssh server needs to be running on the remote and can not be deactivated.
Not to put down the issue itself but if someone gets to ssh to your remote from outside you have bigger issues.