when reading through the jellyfin with chromecast guide i realized that it would probably be less effort to just let the casting api be public, with the added bonus that i could then cast my library to any device that supports it. but that seems like it would paint a giant target on the server.
what’s the recommended way of doing stuff like this? ideally i want to be able to go to someone’s house and just play some of my media on their tv.
not that any of this is doable in the near future, since i’m behind cgnat and won’t get my colocated bounce server up until spring.
So like if I want to access my PC from outside, is it enough that I don’t have a firewall installed but that I open up some random port and redirect it to my PC’s port 22, and then connect to it via the random port?
Same thing for Jellyfin?
If you don’t want to worry too much, you can setup a vpn (like wireguard) on your server for ssh access.
Using a non standard port is a good idea, but not entirely foolproof because bots might still port scan (even if unlikely that they do that for ssh I’m not sure). At a mininum, you probably want to use keys for login like the other commenter on the main comment said.
Personally, using a vpn for when I want access to SSH when I’m out is worth the couple hours setting it up the one time (very simple setup with wireguard-easy for example). Maintenence time spent on upgrading is very low.
(Tl;dr personally I’d use a vpn to access ssh specifically rather than exposing it to the internet)
Not 100% sure what you mean, but to clarify: Don’t accidentally expose jellyfins port to the internet (eg the default port 8096). Make sure it is only accessible from outside your network through your reverse proxy.