kaipee

joined 2 years ago
sorted by: new top controversial old
forwarding port 22 safe? in c/main@selfhosted.forum
[–] kaipee@alien.top 1 points 2 years ago (1 children)

Easy to do with known internal networks.

Difficult to manage when roaming.

forwarding port 22 safe? in c/main@selfhosted.forum
[–] kaipee@alien.top 3 points 2 years ago (7 children)

Disable password auth.

Enable key only auth.

Add in TOTP 2FA (google authenticator).

Randomize the port (reduce bots) that forwards to 22.

Configure lockout to block upon 3 failed attempts, for a long duration like 1 year. (Have a backup access on LAN).

Ensure only the highest encryption ciphers are accepted.

Ensure upgrades are applied to sshd at least monthly.

forwarding port 22 safe? in c/main@selfhosted.forum
[–] kaipee@alien.top 3 points 2 years ago (4 children)

How is a VPN service more secure than an SSH service?

Both accept login.

Both provide can be brute forced / if using password.

my private server capacity for rent in c/main@selfhosted.forum
[–] kaipee@alien.top 2 points 2 years ago

Here be dragons