Miah Johnson on Nostr: If you never SSH to your server from outside of your country of residence, there is ...
If you never SSH to your server from outside of your country of residence, there is nothing bad about filtering every other countries IP space from accessing your SSH server.
Move it to a non-standard port. Trip-wire other ports such that if they are accessed the source IP gets blocked from further attempts.
Disable password based authentication.
Move ssh to localhost and require wireguard to access..
These are all viable ways to protect yourself. The more hoops to jump through the better.
Published at
2024-08-18 16:58:06Event JSON
{
"id": "7232c88bf584295146e7e42ac5ed69c2fd06dfff4ccc41ae5ba9887539287ebb",
"pubkey": "86228fcc28e002bbb603486fd0c5e37470acccf1200283a121f1db7fd75efd79",
"created_at": 1724000286,
"kind": 1,
"tags": [
[
"proxy",
"https://hachyderm.io/users/miah/statuses/112984082765698590",
"activitypub"
]
],
"content": "If you never SSH to your server from outside of your country of residence, there is nothing bad about filtering every other countries IP space from accessing your SSH server.\n\nMove it to a non-standard port. Trip-wire other ports such that if they are accessed the source IP gets blocked from further attempts.\n\nDisable password based authentication.\n\nMove ssh to localhost and require wireguard to access.. \n\nThese are all viable ways to protect yourself. The more hoops to jump through the better.",
"sig": "b3c241aa2e4430e324bd1247d755d8c09e1f209613e57ddfc0c655351b2769b5fc5bde372c1249d22e1fff502de0622a4f8158ba6ad254e1ef7c6e2684fe654d"
}