To mitigate the effort to maintain my personal server, I am considering to only expose ssh port to the outside and use its socks proxy to reach other services. is Portknocking enough to reduce surface of attack to the minimum?
To mitigate the effort to maintain my personal server, I am considering to only expose ssh port to the outside and use its socks proxy to reach other services. is Portknocking enough to reduce surface of attack to the minimum?
If you’re worried about bots just use a non-standard port and move on. I did that on my own VPS just to cut down on log chatter and I get absolutely zero ssh attack attempts after the change.