I’m running my own HA locally, in my house, but I would like to be able to access it also when I’m not home. So I’ve put it on my Zerotier One VPN, which works fine. Except for two things:
-
HA no longer knows when I’m home - it thinks I’m always home;
-
Other people in my household would also like to have remote access, but it’s unrealistic to have them install and use the VPN.
So - can I just open it up, and rely on long, complex passeords? Or is that a complete no-go?
I do this as well, but another approach I was thinking about implementing (i havent tried it yet) was to also block all IP addresses not belonging to mobile networks or residential ISPs in my country.
That way, in theory, only a mobile network IP or somone on residential wifi would pass through my firewall to Home Assisstant, and this would filter out IPs belonging to datacentres which may be hosting hostile VPS’s, Tor exit nodes, proxies, VPN exit points, etc, etc.