-
@ SuperDicq
2025-02-26 15:30:22
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqj8uxjpu5aufwdu7ty70luallc3luf5wvhevks5pqsfkk3v3rceesj20uwm Not a security person but in most cases disabling password authentication to force people to use authorize_keys and setting up fail2ban is more than enough. Optionally you can also add an IP whitelist to this.
If you want be even more secure I suggest not exposing SSH to the public internet at all and requiring people to use a VPN connection in order to be able to SSH.