Quick description of my situation:
2 home use computers, both connected to a standard AT&T router. Both computers get a 192.168.1.x IP address from the router. I have no idea what the IP of the router is to the outside world, or how I would know how to determine it. I have a pretty standard AT&T fiber plan so I would suppose my router's IP to the outside world is DHCP, but I'm not 100% sure, and I'm not sure how I would check this. Both computers run a recent version of Ubuntu (also dual booted with Windows but I rarely use Windows).
I often need to do large file transfers from one computer to the other, and installing openssh-server and using the scp command seems to be the most efficient way, so that's how I've been doing it. It's pretty straightforward to use the ifconfig command to get the local IP of one machine and then scp to move large amounts of files.
Both machines have a good sudo password, including upper case chars, lower case chars, numbers, and special symbols, and I don't use the password anywhere else, so nobody else would know it and it would be exceptionally difficult to guess. I do have information on both computers that could be used to fake my identity.
As a general practice, when I'm done scping stuff, I do sudo systemctl stop ssh and sudo systemctl disable ssh to turn off openssh server until the next time I need to do a transfer. I work with autonomous car datasets and they have gotten huge (the most recent Waymo and NuScenes sets are both ~500GB unzipped), so for some especially large transfers I leave ssh enabled overnight.
So my question is, with installing openssh-server (systemd process name ssh) and running as described above, am I taking any security risk? If so, what steps would be recommended to mitigate?