I have a PC and a laptop, and I'm trying to use OpenSSH to work remotely on my laptop while using my PC, but I'm worried about security.
I know the most secure thing would be to make a key pair to log into my SSH service, but since its a local connection, why can't I just:
- Start OpenSSH Server on my laptop
- Connect with username and password from my PC
- Disable OpenSSH Server on my laptop
Because as I understand it, disabling OpenSSH on the laptop will only prevent new connections meaning that my server would then be secure, and I can then still work on it from the PC (existing connection).
The 10 seconds that the SSH was live, is a small enough window that no-one could realistically brute-force my password.
If my thinking flawed somehow or is this a valid way of doing it?